Displaying 1 to 20 from 75 results

arachni - Web Application Security Scanner Framework

  •    Ruby

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify (or avoid) false-positives.

nishang - Nishang - Offensive PowerShell for penetration testing and offensive security.

  •    PowerShell

Import all the scripts in the current PowerShell session (PowerShell v3 onwards). Use the individual scripts with dot sourcing.

EQGRP - Decrypted content of eqgrp-auction-file.tar.xz

  •    Perl

Nested Tar archives have been uncompressed in the archive_files folder.




Free-Security-eBooks - Free Security and Hacking eBooks

  •    

A curated list of free Security and Pentesting related E-Books available on the Internet. If you want to contribute to this list (please do), send a pull request. All contributors will be recognized and appreciated.

Sn1per - Automated Pentest Recon Scanner

  •    PHP

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com. To obtain a Sn1per Professional license, go to https://xerosecurity.com.

cameradar - Cameradar hacks its way into RTSP videosurveillance cameras

  •    Go

See command-line options. e.g.: docker run -t ullaakut/cameradar -t 192.168.100.0/24 -l will scan the ports 554 and 8554 of hosts on the 192.168.100.0/24 subnetwork and attack the discovered RTSP streams and will output debug logs.


awesome-hacking - Awesome hacking is an awesome collection of hacking tools.

  •    Python

Awesome hacking is a curated list of hacking tools for hackers, pentesters and security researchers. Its goal is to collect, classify and make awesome tools easy to find by humans, creating a toolset you can checkout and update with one command. Every kind of contribution is really appreciated! Follow the :doc:`contribute`.

KeychainCracker - macOS keychain cracking tool

  •    Objective-C

macOS keychain cracking tool. I wrote this software in order to help relatives of a deceased friend to recover data from his computer. Please enjoy it responsibly, and please do not hack/harm people.

scripts - Scripts I use during pentest engagements.

  •    Python

This is a collection of scripts I have written to use in pentests. Let me know if there are any problems with the scripts. If you have any suggestions for new scripts let me know as well; I am always looking for new ideas.

tools - security and hacking tools, exploits, proof of concepts, shellcodes, scripts

  •    Assembly

This section offers a selection of our fully featured security and hacking tools. We also provide some exploits, proof of concept code, shellcodes and snippets. That means some tools are not tested and may not have the feature set. If you find some bugs or if you have any questions, ideas or criticism regarding to this section, feel free to message us.

BruteX - Automatically brute force all services running on a target.

  •    Shell

This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use. Donations are welcome. This will help fascilitate improved features, frequent updates and better overall support for sniper.

PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

  •    C

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits. For pre-compiled local linux exploits, check out https://www.kernel-exploits.com.

CHAOS - :fire: CHAOS allow generate payloads and control remote Windows systems.

  •    Go

CHAOS allow generate payloads and control remote Windows systems. 📚 This project was created only for learning purpose.

h4cker - This repository is primarily maintained by Omar Santos and includes resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more

  •    Java

This repository includes thousands of cybersecurity-related references and resources and it is maintained by Omar Santos. This GitHub repository has been created to provide supplemental material to several books, video courses, and live training created by Omar Santos and other co-authors. It provides over 6,000 references, scripts, tools, code, and other resources that help offensive and defensive security professionals learn and develop new skills. This GitHub repository provides guidance on how build your own hacking environment, learn about offensive security (ethical hacking) techniques, vulnerability research, exploit development, reverse engineering, malware analysis, threat intelligence, threat hunting, digital forensics and incident response (DFIR), includes examples of real-life penetration testing reports, and more. These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), CompTIA PenTest+ and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts.

extractTVpasswords - tool to extract passwords from TeamViewer memory using Frida

  •    C++

  Hi there, in this article we want to tell about our little research about password security in TeamViewer. The method can help during the pentest time for post exploitation to get access to another machine using TeamViewer.   A few days ago I worked on my windows cloud VPS with TeamViewer (where I set a custom password). After work I disconnected, at the next time when I wanted to connect, I saw that TeamViewer had auto-filled the password.