Stars
A simple splunk package for obtaining reverse shells on both Windows and most *nix systems.
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
A super small jsp webshell with file upload capabilities.
Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion in Python3
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
PortSwigger / inql
Forked from doyensec/inqlInQL - A Burp Extension for GraphQL Security Testing
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
A platform to create documentation/wiki content built with PHP & Laravel
SCADA StrangeLove Default/Hardcoded Passwords List
Exposing CharmingKitten's malicious activity for IRGC-IO Counterintelligence division (1500)
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
A semi-interactive PHP shell compressed into a single file.
Automatic SQL injection and database takeover tool
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
OpenFuck exploit updated to linux 2018 - Apache mod_ssl < 2.8.7 OpenSSL - Remote Buffer Overflow
Take a list of domains and probe for working HTTP and HTTPS servers
In-depth attack surface mapping and asset discovery
Sample pentest report provided by TCM Security
Another Windows Local Privilege Escalation from Service Account to System
Abusing impersonation privileges through the "Printer Bug"
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.