| apt2 |
175.6732505 |
Automated penetration toolkit. |
|
| automato |
31.4ac82e6 |
Should help with automating some of the user-focused enumeration tasks during an internal penetration test. |
|
| autonessus |
24.7933022 |
This script communicates with the Nessus API in an attempt to help with automating scans. |
|
| autonse |
23.ab4a21e |
Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner. |
|
| autopwn |
190.fc80cef |
Specify targets and run sets of tools against them. |
|
| autorecon |
51.d705884 |
A multi-threaded network reconnaissance tool which performs automated enumeration of services. |
|
| autovpn |
18.28b1a87 |
Easily connect to a VPN in a country of your choice. |
|
| awsbucketdump |
76.f8a6301 |
A tool to quickly enumerate AWS S3 buckets to look for loot. |
|
| bashfuscator |
321.263bce1 |
Fully configurable and extendable Bash obfuscation framework. |
|
| blueranger |
1.0 |
A simple Bash script which uses Link Quality to locate Bluetooth device radios. |
|
| bopscrk |
28.f1b2aef |
Tool to generate smart wordlists, eg. based on lyrics. |
|
| brutespray |
137.788b8e8 |
Brute-Forcing from Nmap output - Automatically attempts default creds on found services. |
|
| brutex |
86.93f094f |
Automatically brute force all services running on a target. |
|
| byepass |
209.a41a650 |
Automates password cracking tasks using optimized dictionaries and mangling rules. |
|
| cewl |
68.cb242f1 |
A custom word list generator. |
|
| cheat-sh |
6 |
The only cheat sheet you need. |
|
| checksec |
2.1.0 |
Tool designed to test which standard Linux OS and PaX security features are being used |
|
| cisco-snmp-enumeration |
10.ad06f57 |
Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking. |
|
| clusterd |
143.d190b2c |
Automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. |
|
| commonspeak |
36.f0aad23 |
Leverages publicly available datasets from Google BigQuery to generate wordlists. |
|
| crunch |
3.6 |
A wordlist generator for all combinations/permutations of a given character set. |
|
| deathstar |
51.86f9cda |
Automate getting Domain Admin using Empire. |
|
| dracnmap |
69.09d3945 |
Tool to exploit the network and gathering information with nmap help. |
|
| dumb0 |
19.1493e74 |
A simple tool to dump users in popular forums and CMS. |
|
| easy-creds |
45.bf9f00c |
A bash script that leverages ettercap and other tools to obtain credentials. |
|
| easyda |
7.0867f9b |
Easy Windows Domain Access Script. |
|
| empire |
1509.08cbd27 |
A PowerShell and Python post-exploitation agent. |
|
| findsploit |
72.b386d21 |
Find exploits in local and online databases instantly. |
|
| fstealer |
0.1 |
Automates file system mirroring through remote file disclosure vulnerabilities on Linux machines. |
|
| glue |
379.bb5d5a7 |
A framework for running a series of tools. |
|
| google-explorer |
140.0b21b57 |
Google mass exploit robot - Make a google search, and parse the results for a especific exploit you define. |
|
| gooscan |
1.0.9 |
A tool that automates queries against Google search appliances, but with a twist. |
|
| hackersh |
0.2.0 |
A shell for with Pythonect-like syntax, including wrappers for commonly used security tools. |
|
| harpoon |
202.7e24ae8 |
CLI tool for open source and threat intelligence. |
|
| hate-crack |
149.d8be0df |
A tool for automating cracking methodologies through Hashcat. |
|
| intersect |
2.5 |
Post-exploitation framework |
|
| koadic |
511.c9915f3 |
A Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. |
|
| ldapscripts |
2.0.8 |
Simple shell scripts to handle POSIX entries in an LDAP directory. |
|
| linikatz |
12.50289ac |
Tool to attack AD on UNIX. |
|
| linset |
9.8746b1f |
Evil Twin Attack Bash script - An automated WPA/WPA2 hacker. |
|
| lyricpass |
41.4071b3c |
Tool to generate wordlists based on lyrics. |
|
| maskprocessor |
0.73 |
A High-Performance word generator with a per-position configurable charset. |
|
| masscan-automation |
26.a170abc |
Masscan integrated with Shodan API. |
|
| massexpconsole |
207.0d2762f |
A collection of tools and exploits with a cli ui for mass exploitation. |
|
| mentalist |
6.953a07b |
Graphical tool for custom wordlist generation. |
|
| merlin-server |
0.7.0 |
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. |
|
| metasploit-autopwn |
11.5598fe1 |
db_autopwn plugin of metasploit. |
|
| mitmap-old |
0.1 |
Shell Script for launching a Fake AP with karma functionality and launches ettercap for packet capture and traffic manipulation. |
|
| morpheus |
165.5d81c9e |
Automated Ettercap TCP/IP Hijacking Tool. |
|
| msf-mpc |
23.eb2279a |
Msfvenom payload creator. |
|
| msfenum |
33.17bd3ee |
A Metasploit auto auxiliary script. |
|
| mutator |
51.164132d |
This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation -> C0rp0r4t10n_2012 |
|
| nfspy |
1.0 |
A Python library for automating the falsification of NFS credentials when mounting an NFS share. |
|
| nfsshell |
19980519 |
Userland NFS command tool. |
|
| nosqlattack |
94.93c9bde |
Python tool to automate exploit MongoDB server IP on Internet anddisclose the database data by MongoDB default configuration weaknesses and injection attacks. |
|
| openscap |
1.3.1.r81.g0e939e1ab |
Open Source Security Compliance Solution. |
|
| panoptic |
185.df35a6c |
A tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability. |
|
| pastejacker |
12.ed9f153 |
Hacking systems with the automation of PasteJacking attacks. |
|
| pasv-agrsv |
57.6bb54f7 |
Passive recon / OSINT automation script. |
|
| penbox |
81.3b77c69 |
A Penetration Testing Framework - The Tool With All The Tools. |
|
| pentmenu |
194.9b7a007 |
A bash script for recon and DOS attacks. |
|
| pin |
3.11.r97998 |
A dynamic binary instrumentation tool. |
|
| portia |
38.36b974a |
Automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. |
|
| pupy |
2988.4b78dc58 |
Opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python. |
|
| pureblood |
37.2c5ce07 |
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. |
|
| python-arsenic |
19.1 |
Async WebDriver implementation for asyncio and asyncio-compatible frameworks. |
|
| rsmangler |
1.4 |
rsmangler takes a wordlist and mangle it |
|
| sakis3g |
0.2.0e |
An all-in-one script for connecting with 3G. |
|
| scap-security-guide |
0.1.45 |
Security compliance content in SCAP, Bash, Ansible, and other formats. |
|
| scap-workbench |
1.2.0 |
SCAP Scanner And Tailoring Graphical User Interface. |
|
| search1337 |
13.c69937e |
1337Day Online Exploit Scanner. |
|
| shellpop |
148.a145349 |
Generate easy and sophisticated reverse or bind shell commands. |
|
| simple-ducky |
20.f15079e |
A payload generator. |
|
| sipvicious |
295.3646856 |
Tools for auditing SIP devices |
|
| sn00p |
0.8 |
A modular tool written in bourne shell and designed to chain and automate security tools and tests. |
|
| sn1per |
353.6e34fe1 |
Automated Pentest Recon Scanner. |
|
| sploitctl |
3.0.0 |
Fetch, install and search exploit archives from exploit sites like exploit-db and packetstorm. |
|
| spookflare |
24.19491b5 |
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures. |
|
| statsprocessor |
0.11 |
A high-performance word-generator based on per-position Markov-attack. |
|
| thefatrat |
645.2444b15 |
TheFatRat a massive exploiting tool: easy tool to generate backdoor and easy tool to post exploitation attack. |
|
| tiger |
3.2.3 |
A security scanner, that checks computer for known problems. Can also use tripwire, aide and chkrootkit. |
|
| tlssled |
1.3 |
A Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. |
|
| torctl |
0.5.5 |
Script to redirect all traffic through tor network including dns queries for anonymizing entire system. |
|
| unix-privesc-check |
1.4 |
Tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases). |
|
| username-anarchy |
54.d5e653f |
Tools for generating usernames when penetration testing. |
|
| veil |
268.4372d43 |
A tool designed to generate metasploit payloads that bypass common anti-virus solutions. |
|
| vlan-hopping |
21.a37ba4e |
Easy 802.1Q VLAN Hopping |
|
| voiphopper |
2.04 |
A security validation tool that tests to see if a PC can mimic the behavior of an IP Phone. It rapidly automates a VLAN Hop into the Voice VLAN. |
|
| wikigen |
8.348aa99 |
A script to generate wordlists out of wikipedia pages. |
|
| wnmap |
0.1 |
A shell script written with the purpose to automate and chain scans via nmap. You can run nmap with a custom mode written by user and create directories for every mode with the xml/nmap files inside. |
|