yrkan

yrkan's Stars

• evilsocket/xray

  XRay is a tool for recon, mapping and OSINT gathering from public networks.

  Language:Go2.2k298

• EdOverflow/can-i-take-over-xyz

  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

  Language:Python4.9k724

• random-robbie/My-Shodan-Scripts

  Collection of Scripts for shodan searching stuff.

  Language:Python1.1k340

• orangetw/My-CTF-Web-Challenges

  Collection of CTF Web challenges I made

  Language:PHP2.7k476

• 1N3/BruteX

  Automatically brute force all services running on a target.

  Language:Shell2k597

• 1N3/BlackWidow

  A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

  Language:Python1.6k356

• 1N3/ReverseAPK

  Quickly analyze and reverse engineer Android packages

  Language:Shell755165

• 1N3/Findsploit

  Find exploits in local and online databases instantly

  Language:Shell1.7k326

• apsdehal/awesome-ctf

  A curated list of CTF frameworks, libraries, resources and softwares

  Language:JavaScript9.9k1.5k

• peass-ng/PEASS-ng

  PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

  Language:C#16.5k3.1k

• lxc/distrobuilder

  System container image builder for LXC and Incus

  Language:Go607173

• Crypto-Cat/CTF

  CTF chall write-ups, files, scripts etc (trying to be more organised LOL)

  Language:Python1.7k367

• veracode-research/rogue-jndi

  A malicious LDAP server for JNDI injection attacks

  Language:Java1k222

• puzzlepeaches/Log4jUnifi

  Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more.

  Language:Python14429

• abhivaikar/howtheytest

  A collection of public resources about how software companies test their software

  Language:HTML6.1k578

• BlackArch/webshells

  Various webshells. We accept pull requests for additions to this collection.

  Language:PHP900334

• OWASP/wstg

  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  Language:Dockerfile7.5k1.4k

• projectdiscovery/nuclei-templates

  Community curated list of templates for the nuclei engine to find security vulnerabilities.

  Language:JavaScript9.5k2.7k

• Bo0oM/fuzz.txt

  Potentially dangerous files

  2.9k493

• S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet

  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

  5.8k1.2k

• shabarkin/pointer

  Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.

  Language:Go658

• int0x33/nc.exe

  Netcat for windows 32/64 bit

  Language:C606142

• enaqx/awesome-pentest

  A collection of awesome penetration testing resources, tools and other shiny things

  22.2k4.5k

• calebstewart/pwncat

  Fancy reverse and bind shell handler

  Language:Python2.7k258

• imp/dnsmasq

  Mirror of the upstream dnsmasq repository

  Language:C299151

• gentilkiwi/mimikatz

  A little tool to play with Windows security

  Language:C19.6k3.8k

• m3n0sd0n4ld/GooFuzz

  GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

  Language:Shell1.4k139

• carlospolop/Auto_Wordlists

  Language:Python1.1k248

• OJ/gobuster

  Directory/File, DNS and VHost busting tool written in Go

  Language:Go10.4k1.2k

• lgandx/Responder

  Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

  Language:Python5.5k786