one-stop resource for all things offensive security.
-
Updated
Sep 20, 2024 - JavaScript
one-stop resource for all things offensive security.
Cloud security testing tool to execute a comprehensive array of attack techniques across multiple surfaces via a simple web interface.
The Most Advanced Client-Side Prototype Pollution Scanner
Discover new target domains using Content Security Policy
This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those dedicated to improving their skills in malware development, malware research, offensive security, security defenses and measures.
fipp.py is a flexible, interactive password processor that filters and customizes password lists based on length, special characters, numbers, uppercase requirements, and encoding, with both command-line and interactive modes.
SQLMutant is a comprehensive SQL injection testing tool that provides several features to test for SQL injection vulnerabilities in web applications, uses various techniques to detect vulnerabilities, including pattern matching, error analysis, and timing attacks. The integration of Waybackurls and Arjun allows the tool to find additional
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
C2 and Post Exploitation Code
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration tasks 😉
A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations, while also converting HTTP requests to JavaScript for enhanced XSS exploitation.
Red Team tools weaponized
urlyzer is a URL parsing analysis tool.
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
Python tool for phishing
fsociety is a penetration toolkit inspired from MR. ROBOT
ChatGPT terminal assistant with a good memory to be used in ethical hacking, offensive cybersecurity and red teaming. **Warning:** These scripts are for training purposes to accompany a training course. Do not use on real applications without explicit permissions.
Add a description, image, and links to the offensivesecurity topic page so that developers can more easily learn about it.
To associate your repository with the offensivesecurity topic, visit your repo's landing page and select "manage topics."