hellmanboys Goto Github PK

0day-elfinder-2020

agartha

a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation.

air-legacy

Air::Legacy: A fast, portable and efficient library based on Lorcon2, aircrack-ng and pixie-wps. Written in XS for perl penetration tester and wireless-security experts

arjun

HTTP parameter discovery suite.

assetfinder

Find domains and subdomains related to a given domain

autorecon

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

awesome-bug-bounty

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

basecrack

Decode All Bases - Base Scheme Decoder

burpsuite-team-extension

This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!

burpsuitebypasswaf

cheatsheetseries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

crypter

Crypter - Python3 based builder and ransomware compiled to Windows executable using PyInstaller

ctf-difficulty

This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.

cyberchef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

domain_hunter

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

echopwn

Recon Automation for hackers by hackers

etcher

Flash OS images to SD cards & USB drives, safely and easily.

grayfish

Gray Fish provides fully undetectable phishing pages means link will not get blocked and hosting provider will not suspend your account.All Templates are under 20KBs.Login form can't be bypass until both inputs filled by a victim.

hack-tools

The all-in-one Red Team extension for Web Pentester 🛠

hackertarget-unofficial

This Tool Helps You To Use HackerTarget Services From Your Terminal. This Tool Is Very Useful If You Want To Be Anonymous & If You Don't Have Proxy/VPN Service Installed In Your Local Machine.

howtohunt

Tutorials and Things to Do while Hunting Vulnerability.

http-revshell

Powershell reverse shell using HTTP/S protocol with AMSI bypass and Proxy Aware

httpx

httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

idor_explorer

Collection of automated tools to aid in IDOR exploration

kali-linux-cheatsheet

Kali Linux Cheat Sheet for Penetration Testers

malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

mixewayscanner

Mixeway Scanner is Spring Boot application which aggregate integration with number of OpenSource Vulnerability scanners - both SAST and DAST types

mobileapp-pentest-cheatsheet

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

ninja

Open source C2 server created for stealth red team operations

nuclei

Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.