dybhat
Follow
Stars
Deserialization payload generator for a variety of .NET formatters
Create tar/zip archives that can exploit directory traversal vulnerabilities
A collection of custom security tools for quick needs.
A new generation of tool for discovering subdomains( ip , cdn and so on)
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
Use unicornscan to quickly scan all open ports, and then pass the open ports to nmap for detailed scans.
Rid_enum is a null session RID cycle attack for brute forcing domain controllers.
Automatically brute force all services running on a target.
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Reverse shell generator written in Python 3.
cracke-dit ("Cracked It") makes it easier to perform regular password audits against Active Directory environments.
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
windows-kernel-exploits Windows平台提权漏洞集合
UNIX-like reverse engineering framework and command-line toolset
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. NOTE: This project is o…
OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Fetch all the URLs that the Wayback Machine knows about for a domain