Create your own GitHub profile
Sign up for your own profile on GitHub, the best place to host code, manage projects, and build software alongside 36 million developers.
Sign up
Repositories
WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm
An advanced web directory scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
Curated list of public penetration test reports released by several consulting firms and academic security groups
PowerShell Runspace Post Exploitation Toolkit
RedSnarf is a pen-testing / red-teaming tool for Windows environments
Fast and easy create backdoor office exploitation using module metasploit packet , Microsoft Office , Open Office , Macro attack , Buffer Overflow
Some useful scripts for CobaltStrike
Encoded Reverse Shell Generator With Techniques To Bypass AV's
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec
Various PowerShell scripts that may be useful during red team exercise
New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
PHP Static Analysis Tool - discover bugs in your code without running it!
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on
Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…
Penetration tests cases, resources and guidelines.
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.