kriggins's Stars
carlospolop/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
tennc/webshell
This is a webshell open source project
ddosify/ddosify
Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud
liamg/traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
jonaslejon/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
mattnotmax/cyberchef-recipes
A list of cyber-chef recipes and curated links
cider-security-research/cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
HashPals/Name-That-Hash
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
newbit1/rootAVD
Script to root AVDs running with QEMU Emulator from Android Studio
xnl-h4ck3r/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
cybersecsi/houdini
Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
yeswehack/PwnFox
PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
psiinon/open-source-web-scanners
A list of open source web security scanners
RenwaX23/XSSTRON
Electron JS Browser To Find XSS Vulnerabilities Automatically
tjnull/TJ-JPT
This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
Fuzzapi/fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
e11i0t4lders0n/Web-Application-Pentest-Checklist
Matheus-Garbelini/esp32_bluetooth_classic_sniffer
Active Bluetooth BR/EDR Sniffer/Injector as cheap as any ESP32 board can get. Works with Scapy ;-)
nccgroup/autochrome
This tool downloads, installs, and configures a shiny new copy of Chromium.
daffainfo/match-replace-burp
Useful "Match and Replace" burpsuite rules
trailofbits/it-depends
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
barrracud4/image-upload-exploits
This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.
dhondta/python-codext
Python codecs extension featuring CLI tools for encoding/decoding anything
prodigysml/Dr.-Watson
Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sherlock!
PortSwigger/logger-plus-plus
Burp Suite Logger++: Log activities of all the tools in Burp Suite
PortSwigger/co2
A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
IOActive/HL7-Fuzzer
An HL7 message fuzzer ( client and server )
leostera/tldr
Simplified and community-driven man pages