appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
Language: CSS
#application_security #aws_security #azure_security #free #opensource #penetration_testing #pentesting
Stars: 237 Issues: 1 Forks: 75
https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training

liamg/gitjacker
🔪 :octocat: Leak git repositories from misconfigured websites
Language: Go
#git #hacking #penetration_testing #pentesting #red_team
Stars: 109 Issues: 2 Forks: 10
https://github.com/liamg/gitjacker

EONRaider/Packet-Sniffer
A pure-Python Network Packet Sniffing tool
Language: Python
#ctypes #ethical_hacking #network_programming #packet_sniffer #pentesting_tools #tcp_ip
Stars: 146 Issues: 2 Forks: 12
https://github.com/EONRaider/Packet-Sniffer

ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Language: Jupyter Notebook
#blueteam #bugbounty #cheatsheet #credentials_gathering #cybersecurity #default_password #infosec #pentest #pentesting #security
Stars: 167 Issues: 0 Forks: 22
https://github.com/ihebski/DefaultCreds-cheat-sheet

skerkour/black-hat-rust
Deep dive into offensive security with the rust programming language - Early access
Language: Rust
#audit #beacon #c2 #cc #implant #offensive #offensive_security #pentest #pentesting #red_team #red_teaming #rust #security
Stars: 129 Issues: 0 Forks: 2
https://github.com/skerkour/black-hat-rust

r3curs1v3-pr0xy/vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Language: JavaScript
#bug_bounty #hacking #information_gathering #osint #pentest_tool #pentesting #recon #scanner #vajra #web_hacking
Stars: 118 Issues: 1 Forks: 26
https://github.com/r3curs1v3-pr0xy/vajra

tnpitsecurity/ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Language: Go
#golang #pentesting #post_exploitation #offensive_security #tunneling #pivoting #pentest_tool #redteam
Stars: 92 Issues: 1 Forks: 5
https://github.com/tnpitsecurity/ligolo-ng

jonaslejon/malicious-pdf
Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator
Language: Python
#pdf #pdf_generation #penetration_test #penetration_testing #penetrationtesting #pentesting #pentesting_tools
Stars: 99 Issues: 0 Forks: 9
https://github.com/jonaslejon/malicious-pdf

EmYiQing/Gososerial
Dynamically Generates Ysoserial's Payload by Golang
Language: Go
#deserialization #gadget #java_deserialization #pentesting #pentesting_tools #vulnerability #ysoserial
Stars: 119 Issues: 0 Forks: 7
https://github.com/EmYiQing/Gososerial

kh4sh3i/ICS-Pentesting-Tools
A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing
#ics #ics_security #pentest_tool #pentesting #pentesting_tools #scada #scada_exploitation #scada_framework #scada_security
Stars: 141 Issues: 1 Forks: 16
https://github.com/kh4sh3i/ICS-Pentesting-Tools

V1V1/OffensiveAutoIt
Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)
Language: AutoIt
#autoit #autoit3 #pentesting #post_exploitation
Stars: 151 Issues: 1 Forks: 18
https://github.com/V1V1/OffensiveAutoIt

Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
Language: Java
#bugbounttips #bugbounty #bugbounty_writeups #cve #cve_2021_44228 #cybersecurity #exploit #hacking #log4j #payload #pentest #pentesting #red_team #security #security_writeups #writeups
Stars: 191 Issues: 0 Forks: 38
https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words

Puliczek/awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
#blue_team #bugbounttips #bugbounty #cve_2021_44228 #cybersecurity #exploit #log4j #pentesting #poc #red_team #security #security_writeups #writeups
Stars: 139 Issues: 0 Forks: 9
https://github.com/Puliczek/awesome-list-of-secrets-in-environment-variables

Esc4iCEscEsc/skanuvaty
Dangerously fast DNS/network/port scanner
Language: Rust
#cybersecurity #dns #dns_client #hacking_tools #osint_tool #penetration_testing #penetration_testing_tools #pentest #pentesting #redteam #redteam_tools #rust #rust_lang #scanner #security #security_tools #subdomain_enumeration #subdomain_scanner
Stars: 139 Issues: 6 Forks: 6
https://github.com/Esc4iCEscEsc/skanuvaty

Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
Language: HTML
#bugbounty #bugbounty_writeups #bugbountytips #cve #cve_2022_0337 #cybersecurity #exploit #hacking #payload #pentest #pentesting #red_team #security #security_writeups #writeups
Stars: 131 Issues: 0 Forks: 22
https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

trickest/resolvers
The most exhaustive list of reliable DNS resolvers.
#brute_force #bug_bounty #cybersecurity #dns #infosec #network #pentesting #red_team #resolver #resolvers #security #security_tool
Stars: 68 Issues: 0 Forks: 5
https://github.com/trickest/resolvers

OPENCYBER-FR/RustHound
Active Directory data collector for BloodHound written in rust. 🦀
Language: Rust
#active_directory #bloodhound #collector #cross_compiled #cross_platform #network #pentesting #rust #windows
Stars: 175 Issues: 2 Forks: 8
https://github.com/OPENCYBER-FR/RustHound