#
Starred repositories
712
stars
written in Python
Clear filter
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Like nmap for mapping wifi networks you're not connected to, plus device tracking
Home Assistant custom component for control Xiaomi Multimode Gateway (aka Gateway 3), Xiaomi Multimode Gateway 2, Aqara Hub E1 on default firmwares over LAN
Privilege Escalation Project - Windows / Linux / Mac
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Generates permutations, alterations and mutations of subdomains and then resolves them
A collection of Azure AD/Entra tools for offensive and defensive security purposes
The next-gen reverse proxy for full site mirroring
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
An evil RAT (Remote Administration Tool) for macOS / OS X.
A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers
Powerful framework for rogue access point attack.
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
Extract credentials from lsass remotely
Tool for advanced mining for content on Github
针对SpringBoot的开源渗透框架,以及Spring相关高危漏洞利用工具
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.