Modlishka. Reverse Proxy.
📦 Make security testing of K8s, Docker, and Containerd easier.
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...
#安卓#一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Automating situational awareness for cloud penetration tests.
SSH based reverse shell
Automatic SSTI detection tool with interactive interface
Dude Suite Web Security Tools
An HTTP/HTTPS intercept proxy written in Go.
Statically-linked ssh server with reverse shell functionality for CTFs and such
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Dangerously fast DNS/network/port scanner
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
A rapid API for the Project Sonar dataset
A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directl...
新一代Webshell管理器,兼容蚁剑与冰蝎的PHP webshell