| apt2 |
175.6732505 |
Automated penetration toolkit. |
|
| automato |
33.0561b59 |
Should help with automating some of the user-focused enumeration tasks during an internal penetration test. |
|
| autonessus |
24.7933022 |
This script communicates with the Nessus API in an attempt to help with automating scans. |
|
| autonse |
25.7c87f4c |
Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner. |
|
| autopwn |
190.fc80cef |
Specify targets and run sets of tools against them. |
|
| autorecon |
94.b00b80b |
A multi-threaded network reconnaissance tool which performs automated enumeration of services. |
|
| awsbucketdump |
80.b704285 |
A tool to quickly enumerate AWS S3 buckets to look for loot. |
|
| bashfuscator |
338.7487348 |
Fully configurable and extendable Bash obfuscation framework. |
|
| blueranger |
1.0 |
A simple Bash script which uses Link Quality to locate Bluetooth device radios. |
|
| bopscrk |
72.34fb3fd |
Tool to generate smart wordlists, eg. based on lyrics. |
|
| brutespray |
187.182ac86 |
Brute-Forcing from Nmap output - Automatically attempts default creds on found services. |
|
| brutex |
105.8a2aa3e |
Automatically brute force all services running on a target. |
|
| byepass |
213.8cbfd9b |
Automates password cracking tasks using optimized dictionaries and mangling rules. |
|
| cewl |
122.935c961 |
A custom word list generator. |
|
| cheat-sh |
6 |
The only cheat sheet you need. |
|
| checksec |
2.4.0 |
Tool designed to test which standard Linux OS and PaX security features are being used |
|
| cisco-snmp-enumeration |
10.ad06f57 |
Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking. |
|
| clusterd |
143.d190b2c |
Automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. |
|
| codeql |
2.5.5 |
The CLI tool for GitHub CodeQL |
|
| commonspeak |
36.f0aad23 |
Leverages publicly available datasets from Google BigQuery to generate wordlists. |
|
| cook |
152.87c7080 |
Easily create word's permutation and combination to generate complex wordlists and passwords. |
|
| crunch |
3.6 |
A wordlist generator for all combinations/permutations of a given character set. |
|
| deathstar |
59.f10fdbf |
Automate getting Domain Admin using Empire. |
|
| dracnmap |
69.09d3945 |
Tool to exploit the network and gathering information with nmap help. |
|
| dumb0 |
19.1493e74 |
A simple tool to dump users in popular forums and CMS. |
|
| easy-creds |
45.bf9f00c |
A bash script that leverages ettercap and other tools to obtain credentials. |
|
| easyda |
7.0867f9b |
Easy Windows Domain Access Script. |
|
| empire |
2463.ce332b5b |
A PowerShell and Python post-exploitation agent. |
|
| findsploit |
85.ee7083a |
Find exploits in local and online databases instantly. |
|
| fstealer |
0.1 |
Automates file system mirroring through remote file disclosure vulnerabilities on Linux machines. |
|
| glue |
380.8703380 |
A framework for running a series of tools. |
|
| google-explorer |
140.0b21b57 |
Google mass exploit robot - Make a google search, and parse the results for a especific exploit you define. |
|
| gooscan |
1.0.9 |
A tool that automates queries against Google search appliances, but with a twist. |
|
| hackersh |
0.2.0 |
A shell for with Pythonect-like syntax, including wrappers for commonly used security tools. |
|
| harpoon |
306.271c974 |
CLI tool for open source and threat intelligence. |
|
| hate-crack |
181.72451c7 |
A tool for automating cracking methodologies through Hashcat. |
|
| intersect |
2.5 |
Post-exploitation framework |
|
| invoke-cradlecrafter |
19.3ff8bac |
PowerShell Remote Download Cradle Generator & Obfuscator. |
|
| invoke-dosfuscation |
7.6260f5b |
Cmd.exe Command Obfuscation Generator & Detection Test Harness. |
|
| invoke-obfuscation |
45.f20e7f8 |
PowerShell Obfuscator. |
|
| koadic |
637.ac46c44 |
A Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. |
|
| ldapscripts |
2.0.8 |
Simple shell scripts to handle POSIX entries in an LDAP directory. |
|
| linikatz |
33.8a4a305 |
Tool to attack AD on UNIX. |
|
| linset |
9.8746b1f |
Evil Twin Attack Bash script - An automated WPA/WPA2 hacker. |
|
| lyricpass |
44.b1c8a6a |
Tool to generate wordlists based on lyrics. |
|
| maskprocessor |
0.73 |
A High-Performance word generator with a per-position configurable charset. |
|
| masscan-automation |
26.a170abc |
Masscan integrated with Shodan API. |
|
| massexpconsole |
410.d9cef9e |
A collection of tools and exploits with a cli ui for mass exploitation. |
|
| mentalist |
6.953a07b |
Graphical tool for custom wordlist generation. |
|
| merlin-server |
1.0.1 |
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. |
|
| metasploit-autopwn |
12.09320cc |
db_autopwn plugin of metasploit. |
|
| mitmap-old |
0.1 |
Shell Script for launching a Fake AP with karma functionality and launches ettercap for packet capture and traffic manipulation. |
|
| morpheus |
165.5d81c9e |
Automated Ettercap TCP/IP Hijacking Tool. |
|
| msf-mpc |
35.8007ef2 |
Msfvenom payload creator. |
|
| msfenum |
33.17bd3ee |
A Metasploit auto auxiliary script. |
|
| mutator |
51.164132d |
This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation -> C0rp0r4t10n_2012 |
|
| nettacker |
0.0.3.2.r0.gb975a7d |
Automated Penetration Testing Framework. |
|
| nfspy |
1.0 |
A Python library for automating the falsification of NFS credentials when mounting an NFS share. |
|
| nfsshell |
19980519 |
Userland NFS command tool. |
|
| nosqlattack |
98.a5b0329 |
Python tool to automate exploit MongoDB server IP on Internet anddisclose the database data by MongoDB default configuration weaknesses and injection attacks. |
|
| nullscan |
1.0.1 |
A modular framework designed to chain and automate security tests. |
|
| openscap |
1.3.5.r103.ga9fbd5872 |
Open Source Security Compliance Solution. |
|
| panoptic |
185.df35a6c |
A tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability. |
|
| pastejacker |
12.ed9f153 |
Hacking systems with the automation of PasteJacking attacks. |
|
| pasv-agrsv |
57.6bb54f7 |
Passive recon / OSINT automation script. |
|
| penbox |
81.3b77c69 |
A Penetration Testing Framework - The Tool With All The Tools. |
|
| pentmenu |
205.9cc5733 |
A bash script for recon and DOS attacks. |
|
| pin |
3.11.r97998 |
A dynamic binary instrumentation tool. |
|
| portia |
39.2e6e608 |
Automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. |
|
| pupy |
2988.4b78dc58 |
Opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python. |
|
| pureblood |
37.2c5ce07 |
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. |
|
| pyfuscation |
17.6d8d53f |
Obfuscate powershell scripts by replacing Function names, Variables and Parameters. |
|
| python-arsenic |
19.1 |
Async WebDriver implementation for asyncio and asyncio-compatible frameworks. |
|
| recomposer |
2.90f85ed |
Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites. |
|
| rhodiola |
4.8bc08a0 |
Personalized wordlist generator with NLP, by analyzing tweets (A.K.A crunch2049). |
|
| rsmangler |
1.4 |
rsmangler takes a wordlist and mangle it |
|
| sakis3g |
0.2.0e |
An all-in-one script for connecting with 3G. |
|
| scap-security-guide |
0.1.56 |
Security compliance content in SCAP, Bash, Ansible, and other formats. |
|
| scap-workbench |
1.2.1 |
SCAP Scanner And Tailoring Graphical User Interface. |
|
| search1337 |
13.c69937e |
1337Day Online Exploit Scanner. |
|
| shellerator |
31.60c5032 |
Simple command-line tool aimed to help pentesters quickly generate one-liner reverse/bind shells in multiple languages. |
|
| shellpop |
148.a145349 |
Generate easy and sophisticated reverse or bind shell commands. |
|
| simple-ducky |
20.f15079e |
A payload generator. |
|
| sipvicious |
459.8922831 |
Tools for auditing SIP devices. |
|
| sn00p |
0.8 |
A modular tool written in bourne shell and designed to chain and automate security tools and tests. |
|
| sn1per |
512.5c8d08f |
Automated Pentest Recon Scanner. |
|
| sploitctl |
3.0.3 |
Fetch, install and search exploit archives from exploit sites like exploit-db and packetstorm. |
|
| spookflare |
24.19491b5 |
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures. |
|
| statsprocessor |
0.11 |
A high-performance word-generator based on per-position Markov-attack. |
|
| thefatrat |
785.9927123 |
TheFatRat a massive exploiting tool: easy tool to generate backdoor and easy tool to post exploitation attack. |
|
| tiger |
3.2.3 |
A security scanner, that checks computer for known problems. Can also use tripwire, aide and chkrootkit. |
|
| tlssled |
1.3 |
A Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. |
|
| torctl |
0.5.7 |
Script to redirect all traffic through tor network including dns queries for anonymizing entire system. |
|
| ttpassgen |
133.a06d99d |
Highly flexible and scriptable password dictionary generator based on Python. |
|
| unix-privesc-check |
1.4 |
Tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases). |
|
| username-anarchy |
54.d5e653f |
Tools for generating usernames when penetration testing. |
|
| valhalla |
87.c010a48 |
Valhalla API Client. |
|
| veil |
285.c825577 |
A tool designed to generate metasploit payloads that bypass common anti-virus solutions. |
|
| vlan-hopping |
21.a37ba4e |
Easy 802.1Q VLAN Hopping |
|
| voiphopper |
2.04 |
A security validation tool that tests to see if a PC can mimic the behavior of an IP Phone. It rapidly automates a VLAN Hop into the Voice VLAN. |
|
| wifi-autopwner |
36.faa4d01 |
Script to automate searching and auditing Wi-Fi networks with weak security. |
|
| wikigen |
8.348aa99 |
A script to generate wordlists out of wikipedia pages. |
|
| wmd |
30.32e249a |
Python framework for IT security tools. |
|
| wnmap |
0.1 |
A shell script written with the purpose to automate and chain scans via nmap. You can run nmap with a custom mode written by user and create directories for every mode with the xml/nmap files inside. |
|