| apt2 |
183.8075cdc |
Automated penetration toolkit. |
|
| automato |
33.0561b59 |
Should help with automating some of the user-focused enumeration tasks during an internal penetration test. |
|
| autonessus |
24.7933022 |
This script communicates with the Nessus API in an attempt to help with automating scans. |
|
| autonse |
25.7c87f4c |
Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner. |
|
| autopwn |
190.fc80cef |
Specify targets and run sets of tools against them. |
|
| autorecon |
288.fd87c99 |
A multi-threaded network reconnaissance tool which performs automated enumeration of services. |
|
| awsbucketdump |
82.4684670 |
A tool to quickly enumerate AWS S3 buckets to look for loot. |
|
| bashfuscator |
338.7487348 |
Fully configurable and extendable Bash obfuscation framework. |
|
| blueranger |
1.0 |
A simple Bash script which uses Link Quality to locate Bluetooth device radios. |
|
| bopscrk |
v2.4.7.r2.g7eede16 |
Tool to generate smart wordlists, eg. based on lyrics. |
|
| brutespray |
496.4c709ab |
Brute-Forcing from Nmap output - Automatically attempts default creds on found services. |
|
| brutex |
114.eacd084 |
Automatically brute force all services running on a target. |
|
| byepass |
213.8cbfd9b |
Automates password cracking tasks using optimized dictionaries and mangling rules. |
|
| cewl |
189.447ccc1 |
A custom word list generator. |
|
| cheat-sh |
6 |
The only cheat sheet you need. |
|
| cisco-snmp-enumeration |
10.ad06f57 |
Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking. |
|
| clusterd |
143.d190b2c |
Automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. |
|
| codeql |
2.8.1 |
The CLI tool for GitHub CodeQL |
|
| commonspeak |
36.f0aad23 |
Leverages publicly available datasets from Google BigQuery to generate wordlists. |
|
| cook |
v2.2.1.r13.gbabf5ba |
Easily create word's permutation and combination to generate complex wordlists and passwords. |
|
| crunch |
3.6 |
A wordlist generator for all combinations/permutations of a given character set. |
|
| deathstar |
60.d7bcbfd |
Automate getting Domain Admin using Empire. |
|
| dorkscout |
1.0.r13.gdd87daf |
Golang tool to automate google dork scan against the entire internet or specific targets. |
|
| dracnmap |
69.09d3945 |
Tool to exploit the network and gathering information with nmap help. |
|
| dumb0 |
19.1493e74 |
A simple tool to dump users in popular forums and CMS. |
|
| easy-creds |
45.bf9f00c |
A bash script that leverages ettercap and other tools to obtain credentials. |
|
| easyda |
7.0867f9b |
Easy Windows Domain Access Script. |
|
| emp3r0r |
v3.4.2.r0.g83a9cd20 |
Linux post-exploitation framework made by linux user. |
|
| empire |
v6.1.2.r0.g34c0f16 |
A PowerShell and Python post-exploitation agent. |
|
| findsploit |
87.3e61d8d |
Find exploits in local and online databases instantly. |
|
| fstealer |
0.1 |
Automates file system mirroring through remote file disclosure vulnerabilities on Linux machines. |
|
| glue |
380.8703380 |
A framework for running a series of tools. |
|
| go-exploitdb |
v0.6.0.r0.g54196e1 |
Tool for searching Exploits from Exploit Databases, etc. |
|
| google-explorer |
140.0b21b57 |
Google mass exploit robot - Make a google search, and parse the results for a especific exploit you define. |
|
| gooscan |
1.0.9 |
A tool that automates queries against Google search appliances, but with a twist. |
|
| hackersh |
0.2.0 |
A shell for with Pythonect-like syntax, including wrappers for commonly used security tools. |
|
| harpoon |
386.52c1071 |
CLI tool for open source and threat intelligence. |
|
| hate-crack |
223.58c7ec8 |
A tool for automating cracking methodologies through Hashcat. |
|
| havoc-c2 |
856.fb67b76 |
Modern and malleable post-exploitation command and control framework. |
|
| intersect |
2.5 |
Post-exploitation framework. |
|
| invoke-cradlecrafter |
19.3ff8bac |
PowerShell Remote Download Cradle Generator & Obfuscator. |
|
| invoke-dosfuscation |
7.6260f5b |
Cmd.exe Command Obfuscation Generator & Detection Test Harness. |
|
| invoke-obfuscation |
45.f20e7f8 |
PowerShell Obfuscator. |
|
| koadic |
3.457f9a3 |
A Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. |
|
| ldapscripts |
2.0.8 |
Simple shell scripts to handle POSIX entries in an LDAP directory. |
|
| linikatz |
48.d9cfdbf |
Tool to attack AD on UNIX. |
|
| linset |
9.8746b1f |
Evil Twin Attack Bash script - An automated WPA/WPA2 hacker. |
|
| lyricpass |
45.fd31d07 |
Tool to generate wordlists based on lyrics. |
|
| maskprocessor |
0.73 |
A High-Performance word generator with a per-position configurable charset. |
|
| masscan-automation |
26.a170abc |
Masscan integrated with Shodan API. |
|
| massexpconsole |
v2.3.5.r1.g530c880 |
A collection of tools and exploits with a cli ui for mass exploitation. |
|
| mentalist |
6.953a07b |
Graphical tool for custom wordlist generation. |
|
| merlin-server |
1.3.0 |
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. |
|
| metasploit-autopwn |
12.09320cc |
db_autopwn plugin of metasploit. |
|
| mitmap-old |
0.1 |
Shell Script for launching a Fake AP with karma functionality and launches ettercap for packet capture and traffic manipulation. |
|
| morpheus |
165.5d81c9e |
Automated Ettercap TCP/IP Hijacking Tool. |
|
| msf-mpc |
35.8007ef2 |
Msfvenom payload creator. |
|
| msfenum |
36.6c6b77e |
A Metasploit auto auxiliary script. |
|
| mutator |
51.164132d |
This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation -> C0rp0r4t10n_2012 |
|
| nettacker |
0.4.0.r93.gcd34fba6 |
Automated Penetration Testing Framework. |
|
| nfspy |
1.0 |
A Python library for automating the falsification of NFS credentials when mounting an NFS share. |
|
| nfsshell |
19980519 |
Userland NFS command tool. |
|
| nosqlattack |
98.a5b0329 |
Python tool to automate exploit MongoDB server IP on Internet anddisclose the database data by MongoDB default configuration weaknesses and injection attacks. |
|
| nullscan |
1.0.1 |
A modular framework designed to chain and automate security tests. |
|
| octopwnweb |
14.e0f83ee |
Internal pentest framework running in your browser via WebAssembly, powerd by Pyodide |
|
| openscap |
1.4.2.r24.g963dd63f1 |
Open Source Security Compliance Solution. |
|
| panoptic |
207.fbd10fd |
A tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability. |
|
| pastejacker |
12.ed9f153 |
Hacking systems with the automation of PasteJacking attacks. |
|
| pasv-agrsv |
57.6bb54f7 |
Passive recon / OSINT automation script. |
|
| penbox |
81.3b77c69 |
A Penetration Testing Framework - The Tool With All The Tools. |
|
| pentestgpt |
v0.14.0.r5.gbb6741c |
A penetration testing tool empowered by ChatGPT. It is designed to automate the penetration testing process. |
|
| pentmenu |
220.0cd7b58 |
A bash script for recon and DOS attacks. |
|
| pin |
3.28.r98749 |
A dynamic binary instrumentation tool. |
|
| portia |
39.2e6e608 |
Automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. |
|
| pupy |
2988.4b78dc58 |
Opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python. |
|
| pureblood |
37.2c5ce07 |
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. |
|
| pyfuscation |
17.6d8d53f |
Obfuscate powershell scripts by replacing Function names, Variables and Parameters. |
|
| recomposer |
2.90f85ed |
Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites. |
|
| rhodiola |
4.8bc08a0 |
Personalized wordlist generator with NLP, by analyzing tweets (A.K.A crunch2049). |
|
| rsmangler |
1.4 |
rsmangler takes a wordlist and mangle it |
|
| sakis3g |
0.2.0e |
An all-in-one script for connecting with 3G. |
|
| scap-security-guide |
0.1.60 |
Security compliance content in SCAP, Bash, Ansible, and other formats. |
|
| scap-workbench |
1.2.1 |
SCAP Scanner And Tailoring Graphical User Interface. |
|
| search1337 |
11.bf03ec9 |
1337Day Online Exploit Scanner. |
|
| shellerator |
34.c325e3d |
Simple command-line tool aimed to help pentesters quickly generate one-liner reverse/bind shells in multiple languages. |
|
| shellpop |
148.a145349 |
Generate easy and sophisticated reverse or bind shell commands. |
|
| shellz |
161.0ed068f |
A script for generating common revshells fast and easy. |
|
| simple-ducky |
20.f15079e |
A payload generator. |
|
| sipvicious |
463.20fd851 |
Tools for auditing SIP devices. |
|
| sn00p |
0.8 |
A modular tool written in bourne shell and designed to chain and automate security tools and tests. |
|
| sn1per |
619.ed440db |
Automated Pentest Recon Scanner. |
|
| sploitctl |
3.0.4 |
Fetch, install and search exploit archives from exploit sites like exploit-db and packetstorm. |
|
| spookflare |
24.19491b5 |
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures. |
|
| statsprocessor |
0.11 |
A high-performance word-generator based on per-position Markov-attack. |
|
| thefatrat |
813.b0586d0 |
TheFatRat a massive exploiting tool: easy tool to generate backdoor and easy tool to post exploitation attack. |
|
| tiger |
3.2.3 |
A security scanner, that checks computer for known problems. Can also use tripwire, aide and chkrootkit. |
|
| tlssled |
1.3 |
A Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. |
|
| torctl |
0.5.7 |
Script to redirect all traffic through tor network including dns queries for anonymizing entire system. |
|
| ttpassgen |
133.a06d99d |
Highly flexible and scriptable password dictionary generator based on Python. |
|
| unix-privesc-check |
1.4 |
Tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases). |
|
| username-anarchy |
72.e063191 |
Tools for generating usernames when penetration testing. |
|
| valhalla-api |
87.c010a48 |
Valhalla API Client. |
|
| veil |
297.d8acd4c |
A tool designed to generate metasploit payloads that bypass common anti-virus solutions. |
|
| vlan-hopping |
21.a37ba4e |
Easy 802.1Q VLAN Hopping |
|
| voiphopper |
2.04 |
A security validation tool that tests to see if a PC can mimic the behavior of an IP Phone. It rapidly automates a VLAN Hop into the Voice VLAN. |
|
| wifi-autopwner |
36.faa4d01 |
Script to automate searching and auditing Wi-Fi networks with weak security. |
|
| wikigen |
8.348aa99 |
A script to generate wordlists out of wikipedia pages. |
|
| wmd |
30.32e249a |
Python framework for IT security tools. |
|
| wnmap |
0.1 |
A shell script written with the purpose to automate and chain scans via nmap. |
|