EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own. Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.
ios pentest-tool pentest-scripts information-security metasploit exploitation remote-admin-tool meterpreter reverse-shell jailbreakRaccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.
reconnaissance scanner vulnerability-assessment vulnerability-scanner enumeration pentesting pentest-tool hacking-tool offensive-security security-scanner fuzzing information-gathering hacking raccoon osintI AM NOT RESPONSIBLE HOW YOU USE THIS TOOL.BE LEGAL AND NOT STUPID. This script will make your life easier, and of course faster.
kali-scripts kali-linux shell-script payload-generator payload wifi-testing penetration-testing pentesting pentest-tool wifi-password wpa2-handshake wpa-cracker pixie-dust metasploit-framework eternalblue-doublepulsar-metasploit wifiphisher antivirus-evasion bypass-av bypass-antivirus sqlinjectionCloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.
cipher data-exfiltration hacking pentesting exfiltration steganography cryptography dlp av-evasion privacy security security-tools infosec red-team pentest pentest-tool hacking-tool hacking-tools pentest-tools stegoXSS'OR - Hack with JavaScript. It contains three major modules: Encode/Decode, Codz, Probe.
probe pentest-tool xss csrf encoding hacking-tool pentest hackhttpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. This will display help for the tool. Here are all the switches it supports.
http osint pipeline cybersecurity ssl-certificate bugbounty pentest-toolCloudFlair is a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should. The tool uses Internet-wide scan data from Censys to find exposed IPv4 hosts presenting an SSL certificate associated with the target's domain name.
cloudflare pentest-tool pentestODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely. Tested on Oracle Database 10g, 11g and 12c.
oracle-database pentest-tool pentest privilege-escalationOne-Lin3r is simple and light-weight framework inspired by the web-delivery module in Metasploit. The payloads database is not big now because this the first edition but it will get bigger with updates and contributions.
hacking hacking-tool web-delivery metasploit one-liners one-liner pentest-tool pentesting-windows penetration-testing web-based-attacks web-attacks kali-linux windows-hacking multiplatformThe DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.
pentesting hacking hacking-tool pentest-tool automation security security-tools infosec pentest red-team blue-team red-teams blue-teams pentest-tools hacking-toolsPompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, WPScan Vulnerability Database ... You can download the latest tarball by clicking here or latest zipball by clicking here.
exploit-database pentest-tool exploits security-toolsMSDAT (Microsoft SQL Database Attacking Tool) is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Tested on Microsof SQL database 2005, 2008 and 2012.
mssql-database pentest-tool pentest privilege-escalationHouse: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python. It is designed for helping assess mobile applications by implementing dynamic function hooking and intercepting and intended to make Frida script writing as simple as possible. By default, House binds to http://127.0.0.1:8000.
frida mobile pentest-tool androidDocumentation available on the wiki.
python3 aws pentest-toolA REST API security testing framework.
security security-tools rest-api pentesting pentest-toolI'm developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing.
network-analysis networking scapy python3 security-tools hacking penetration-testing pentesting pentest pentest-tool pentesting-networks security-audit security-testinghackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali linux and Parrot OS.
pentesting pentest kali-linux hacking-tool vulnerability-scanners vulnerability-assessment pentest-scripts pentesterlab pentest-tool kali-scripts hacking-tools pentester kali-toolsDocker images for infosec tools
docker-image docker metasploit arachni fierce nikto nmap wireshark wpscan nessus pentest pentest-toolThis is a tool to enumerate subdomains using the Certificate Transparency logs stored by Censys. It should return any subdomain who has ever been issued a SSL certificate by a public CA. Should run on Python 2.7 and 3.5.
subdomain-scanner subdomains pentest-tool osint recon enumerate-subdomains certificate-transparency-logsNSEInfo is a tool to interactively search through nmap's NSE scripts. If your NSE scripts are not the standard location /usr/share/nmap/scripts/, you can use the -l or --location option to provide your customized path.
nmap nmap-scan-script pentesting nsescript nse-script pentest-tool
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.