Stars
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
Open Source Vulnerability Management Platform
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Automated All-in-One OS Command Injection Exploitation Tool.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
A supercharged AWS command line interface (CLI).
Bjorn is a powerful network scanning and offensive security tool for the Raspberry Pi with a 2.13-inch e-Paper HAT. It discovers network targets, identifies open ports, exposed services, and potent…
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
Privacy enhanced BitTorrent client with P2P content discovery
🎮 ⌨ An easy to use tool to change the behaviour of your input devices.
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
Automatic Movie Downloading via NZBs & Torrents
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…
A Python module for creating Excel XLSX files.
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.