sqlmapproject / sqlmap

Automatic SQL injection and database takeover tool

sql-injection detection exploitation takeover python database pentesting vulnerability-scanner

Python Updated May 28, 2019

n1nj4sec / pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool…

pupy python remote-access post-exploitation pentesting windows linux android rat shell reverse-shell reflective-injection backdoor payload meterpreter remote-admin-tool mac-os

Python Updated May 14, 2019

OWASP / owasp-mstg

4.2k

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and …

mobile-app pentesting android-application ios-app runtime-analysis network-analysis static-analysis reverse-engineering dynamic-analysis mobile-security

Good first issues

Add 8.7 and 8.8 for android and ios: show how you can delay the attacker or report tampering to the backend

Good first issue

#1113 opened 5 months ago by commjoen

2

Create testcase issues on data storage for Parse and CouchDB

Good first issue help wanted

#1041 opened 8 months ago by commjoen

Add Practical Examples for Detection and Exploitation of Code Quality Flaws

Good first issue enhancement

#797 opened over 1 year ago by b-mueller

4

HTML Updated May 25, 2019

vanhauser-thc / thc-hydra

2.7k

hydra

penetration-testing password-cracker network-security hydra thc pentesting pentest pentest-tool brute-force brute-force-passwords bruteforce-attacks brute-force-attacks bruteforcing bruteforcer bruteforce password-cracking

Good first issues

The program is pause when the folder is read

good first issue bug

#316 opened about 1 year ago by src-kun

2

C Updated May 28, 2019

byt3bl33d3r / CrackMapExec

2.7k

A swiss army knife for pentesting networks

python active-directory pentesting windows powershell networks

Python Updated Apr 12, 2019

1N3 / Sn1per

2.7k

Automated pentest framework for offensive security experts

Shell Updated May 20, 2019

maurosoria / dirsearch

2.3k

Web path scanner

fuzzer fuzzing python pentest bruteforce security dirsearch dirbuster hacking pentesting penetration-testing

Python Updated May 16, 2019

infobyte / faraday

2.2k

Collaborative Penetration Test and Vulnerability Management Platform

devops faraday penetration-testing vulnerability vulnerability-scanners security security-audit pentesting continuous-scanning collaborative infosec vulnerability-management

Python Updated May 8, 2019

infosecn1nja / Red-Teaming-Toolkit

2.1k

A collection of open source and commercial tools that aid in red team operations.

red-team hacking infosec pentesting

Updated Apr 14, 2019

ysrc / xunfeng

2.1k

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

security pentesting infosec exploits security-audit vulnerability-detection scanner vulnerability-assessment vulnerability-scanners

Python Updated May 27, 2019

rmusser01 / Infosec_Reference

2k

An Information Security Reference That Doesn't Suck

infosec infosec-reference reverse-engineering hacking pentesting penetration-testing references linux privilege-escalation exfiltration information-security blueteam red-team windows osx forensics hacking-simulator privilege-escalation-exploits mitre-attack-db

Python Updated Apr 10, 2019

bkimminich / juice-shop

2k

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

owasp javascript vulnerable hacking application-security owasp-top-10 owasp-top-ten pentesting vulnapp appsec ctf

Good first issues

Unintentional Forged Feedback

good first issue bug

#822 opened 3 months ago by navyspeed

3

Introduce Issue Templates

documentation wontfix

#1043 opened 4 days ago by bkimminich

Hacking Instructor

documentation challenge

#440 opened over 1 year ago by bkimminich

6

JavaScript Updated May 28, 2019

commixproject / commix

1.9k

Automated All-in-One OS command injection and exploitation tool.

python command-injection detection exploitation pentesting vulnerability-scanner

Python Updated May 28, 2019

OJ / gobuster

1.8k

Directory/file & DNS busting tool written in Go

go pentesting tool dns web

Go Updated May 24, 2019

tanprathan / MobileApp-Pentest-Cheatsheet

1.8k

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mo…

mobile-app pentesting android-application ios-app runtime-analysis network-analysis static-analysis reverse-engineers dynamic-analysis

Updated May 26, 2019

mwrlabs / drozer

1.8k

The Leading Security Assessment Framework for Android.

drozer android security pentesting java mobile mwr

Python Updated May 12, 2019

Ullaakut / cameradar

1.7k

Cameradar hacks its way into RTSP videosurveillance cameras

penetration-testing security hacking infosec rtsp cctv cameras hacking-tool pentesting security-tools netsec

Go Updated May 27, 2019

bluscreenofjeff / Red-Team-Infrastructure-Wiki

1.7k

Wiki to collect Red Team infrastructure hardening resources

infrastructure redirector cobalt-strike empire red-team pentesting

Updated Mar 25, 2019

arismelachroinos / lscript

1.6k

The LAZY script will make your life easier, and of course faster.

Shell Updated May 13, 2019

v1s1t0r1sh3r3 / airgeddon

1.5k

This is a multi-use bash script for Linux systems to audit wireless networks.

Shell Updated May 26, 2019

evyatarmeged / Raccoon

1.5k

A high performance offensive security tool for reconnaissance and vulnerability scanning

reconnaissance scanner vulnerability-assessment vulnerability-scanner enumeration pentesting pentest-tool hacking-tool offensive-security security-scanner fuzzing information-gathering hacking raccoon osint

Python Updated Nov 24, 2018

D4Vinci / Cr3dOv3r

1.4k

Know the dangers of credential reuse attacks.

hacking hacking-tool pentesting credentials stealth leaks haveibeenpwned hacked-emails credential-reuse-attacks leak haveibeenpwnd

Python Updated Mar 28, 2019

xdavidhu / mitmAP

1.4k

📡 A python program to create a fake AP and sniff data.

pentesting hacking wifi fake-ap kali-linux infosec python mitm access-point wireless

Python Updated Feb 6, 2018

subfinder / subfinder

1.3k

SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework…

Good first issues

Implement Permutation Generation

good first issue enhancement

#125 opened 10 months ago by Ice3man543

2

fix windows colors support

good first issue bug

#112 opened 11 months ago by picatz

Perform Recursive Wildcard Elimination

good first issue enhancement

#46 opened about 1 year ago by Ice3man543

Go Updated Apr 1, 2019

GrrrDog / Java-Deserialization-Cheat-Sheet

1.2k

The cheat sheet about Java Deserialization vulnerabilities

javadeser java-deserialization pentesting

Updated May 2, 2019

almandin / fuxploider

1.2k

File upload vulnerability scanner and exploitation tool.

python3 pentesting exploitation takeover vulnerability-scanner detection

Python Updated Feb 27, 2019

UnaPibaGeek / ctfr

1.2k

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

certificate-transparency certificate-transparency-logs information-gathering pentesting hacking

Python Updated Mar 2, 2019

Marten4n6 / EvilOSX

1.2k

An evil RAT (Remote Administration Tool) for macOS / OS X.

rat reverse-shell macos macosx mac backdoor python osx post-exploitation pentesting python3

Python Updated Jan 18, 2019

OlivierLaflamme / Cheatsheet-God

1.1k

Penetration Testing / OSCP Biggest Reference Bank / Cheatsheet

Updated May 22, 2019

archerysec / archerysec

1.1k

Centralize Vulnerability Assessment and Management for DevSecOps Team

vulnerability-assessment vulnerabilities scanning pentesting vulnerability-management opensource pentesters secdevops devops devops-tools devsecops

JavaScript Updated May 25, 2019

pentesting

Repositories 808

Good first issues

Good first issues

Good first issues

Good first issues