ethical-hacking

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

The Python Code Tutorials

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Source code for the book "Violent Python" by TJ O'Connor. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

Pentesting Using Android

A Network Packet Sniffing tool developed in Python 3.

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

Vagrant VirtualBox environment for conducting an internal network penetration test

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

OSINT-SAN Framework дает возможность быстро находить информацию и деанонимизировать пользователей сети интернет.

Penetration testing utility and antivirus assessment tool.

PHP shells that work on Linux OS, macOS, and Windows OS.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Work in progress...

PowerShell scripts for communicating with a remote host.

It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.

A pure-Python ARP Cache Poisoning (a.k.a "ARP Spoofing") tool

An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal.

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.

Recursos de hacking ético

Fast CRLF injection scanning tool

Steganograpy in Python | Hide files or data in Image Files

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Bypass 4xx HTTP response status codes. Based on PycURL.

A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF

A living document for penetration testing and offensive security.

Exploit pack for pentesters and ethical hackers.