#
pentest-tool
Here are 387 public repositories matching this topic...
OneForAll是一款功能强大的子域收集工具
python
osint
subdomain
content-security-policy
recon
bugbounty
information-gathering
pentest-tool
zone-transfers
subdomain-scanner
nsec
subdomain-takeover
subdomain-enumeration
subdomain-bruteforcing
subdomain-crawler
subdomain-collection
subdomian-find
oneforall
altname
crossdomainxml
-
Updated
Nov 29, 2020 - Python
Fully automated offensive security framework for reconnaissance and vulnerability scanning
osint
hacking
subdomain
penetration-testing
bugbounty
scanning
hacking-tool
information-gathering
security-tools
reconnaissance
pentest-tool
osmedeus
-
Updated
Dec 4, 2020 - Python
The LAZY script will make your life easier, and of course faster.
shortcut
penetration-testing
shell-script
pentesting
wifiphisher
wpa-cracker
kali-linux
bypass-av
metasploit-framework
payload
pixie-dust
bypass-antivirus
wifi-password
wpa2-handshake
antivirus-evasion
payload-generator
sqlinjection
pentest-tool
wifi-testing
eternalblue-doublepulsar-metasploit
kali-scripts
-
Updated
Nov 30, 2020 - Shell
A minimalist command line knowledge base manager
cli
knowledge
notebook
notes
methodology
knowledge-base
procedures
cheatsheets
pentest-tool
rtfm
notes-management-system
-
Updated
Dec 3, 2020 - Python
A high performance offensive security tool for reconnaissance and vulnerability scanning
osint
scanner
hacking
enumeration
fuzzing
pentesting
offensive-security
hacking-tool
security-scanner
vulnerability-assessment
information-gathering
reconnaissance
pentest-tool
vulnerability-scanner
raccoon
-
Updated
Mar 5, 2020 - Python
XSS'OR - Hack with JavaScript.
-
Updated
Aug 19, 2020 - JavaScript
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
-
Updated
Dec 3, 2020 - Python
SSRF (Server Side Request Forgery) testing resources
-
Updated
Sep 5, 2020 - Python
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
-
Updated
Dec 3, 2020 - Go
iOS/macOS/Linux Remote Administration Tool
macos
ios
reverse-shell
jailbreak
exploitation
information-security
meterpreter
pentest-scripts
metasploit
remote-admin-tool
pentest-tool
-
Updated
Dec 7, 2019 - Objective-C
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
linux
database
pentesting-windows
hacking
penetration-testing
reverse
multiplatform
kali-linux
oses
hacking-tool
one-liner
windows-hacking
metasploit
liner
pentest-tool
one-liners
web-delivery
web-based-attacks
payloads-database
liners-database
-
Updated
Apr 23, 2020 - Python
ELHARAKA
commented
Jan 29, 2020
I have been using this tool for awhile and i noticed 50% of the results are false positive. for i,e after cloudflair dump a list of ip addresses for the site origin server it can't detect which one is working so i after i take those ip addresses i test them manually on the both ports 443 & 80 some they work on 443 port and some they only work at 80 port.
Thank you so much for this amazing tool
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
security
cryptography
privacy
cipher
hacking
steganography
infosec
pentesting
pentest
hacking-tool
exfiltration
red-team
dlp
data-exfiltration
security-tools
av-evasion
pentest-tool
stego
hacking-tools
pentest-tools
-
Updated
Nov 24, 2020 - Python
Venom - A Multi-hop Proxy for Penetration Testers
tunnel
golang
security
proxy
socks5
pentesting
ctf
ssh-tunnel
venom
pentest-tool
redteam
port-forward
port-reuse
-
Updated
Nov 23, 2020 - Go
Penetration Testing Platform
-
Updated
Jun 21, 2020 - Python
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
-
Updated
Nov 18, 2020 - Python
Automation for internal Windows Penetrationtest / AD-Security
automation
powershell
pentesting
recon
exploitation
privilege-escalation
pentest-tool
redteam
powersploit
adsecurity
-
Updated
Nov 29, 2020 - PowerShell
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
security
password
cybersecurity
penetration-testing
pentest-tool
security-testing
default-password
default-credentials
-
Updated
Dec 23, 2018 - Python
Privilege Escalation Enumeration Script for Windows
-
Updated
Nov 23, 2020 - PowerShell
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
sudo
exploits
ctf
cve
pentest
privilege-escalation
oscp
pentest-tool
linux-exploits
oscp-journey
misconfiguration
oscp-tools
oscp-prep
sudo-exploitation
abuse-sudo
-
Updated
Nov 8, 2020 - Shell
tools
toolkit
python3
penetration-testing
pentesting
beginner
beginner-friendly
kali
ethical-hacking
pentest-tool
penetration-testing-framework
-
Updated
Dec 11, 2019 - HTML
The all-in-one Red Team extension for Web Pentester 🛠
chrome-extension
reverse-shell
firefox-addon
hacking
cybersecurity
firefox-extension
pentesting
red-team
pentest-tool
hacking-tools
red-teaming
hack-tool
hack-tools
-
Updated
Oct 30, 2020 - JavaScript
ODAT: Oracle Database Attacking Tool
-
Updated
Dec 4, 2020 - Python
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
-
Updated
May 10, 2020 - JavaScript
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
reverse-shell
netcat
penetration-testing
remote-shell
pentesting
pentest
nc
port-forwarding
ncat
pivoting
portforward
pentest-tool
bind-shell
pentesting-python
pentesting-tool
remote-port-forward
remote-port-forwarding
local-port-forward
local-port-forwarding
pwncat
-
Updated
Aug 23, 2020 - Shell
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
jar
waf
pentesting
sqlmap
burpsuite
burp-extensions
hacktool
pentest-tool
hackbar
burpsuite-extender
burpsuite-tools
j2eescan
burp-requests
-
Updated
Dec 4, 2020 - Python
Find exploit tool
-
Updated
Nov 4, 2020 - Python
The Last Web Recon Tool You'll Need
crawler
whois
python3
ssl-certificate
pentesting
headers
traceroute
javascript-crawler
port-scanning
web-penetration-testing
reconnaissance
pentest-tool
directory-search
subdomain-enumeration
pentesting-tools
webpentest
web-reconnaissance
thewhiteh4t
finalrecon
dns-enumeration
-
Updated
Nov 23, 2020 - Python
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
security
automation
hacking
infosec
pentesting
pentest
hacking-tool
red-team
security-tools
pentest-tool
blue-team
hacking-tools
red-teams
blue-teams
pentest-tools
-
Updated
May 27, 2020 - Python
Improve this page
Add a description, image, and links to the pentest-tool topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the pentest-tool topic, visit your repo's landing page and select "manage topics."
Hi All,
So I'm trying to use hydra to bruteforce a login on a system that uses custom http headers to receive the username and password. Hydra does not seem to be doing substitution of ^USER^ and ^PASS^ when used as HTTP headers. If I issue issuing a call to hydra like this:
hydra "http-post://0.0.0.0:8000/:H=username\:^USER^:H=password\:^PASS^" -l admin -p adminI see the following r