johnnyxxy
Follow
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
An open-source PAM tool alternative to CyberArk. 广受欢迎的开源堡垒机。
Impacket is a collection of Python classes for working with network protocols.
Exploitation Framework for Embedded Devices
fsociety Hacking Tools Pack – A Penetration Testing Framework
An open-source post-exploitation framework for students, researchers and developers.
an awesome list of honeypot resources
The Leading Security Assessment Framework for Android.
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
A fast sub domain brute tool for pentesters
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
A high performance offensive security tool for reconnaissance and vulnerability scanning
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Privilege Escalation Project - Windows / Linux / Mac
An evil RAT (Remote Administration Tool) for macOS / OS X.
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stealing Signatures and Making One Invalid Signature at a Time
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive …
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact