Stars
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
Some setup scripts for security research tools.
Scripted Local Linux Enumeration & Privilege Escalation Checks
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Linux privilege escalation auditing tool
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
A repository with 3 tools for pwn'ing websites with .git repositories available
快速搭建各种漏洞环境(Various vulnerability environment)
Git All the Payloads! A collection of web attack payloads.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Automatically brute force all services running on a target.
update-golang is a script to easily fetch and install new Golang releases with minimum system intrusion
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
A curated list of the most common and most interesting robots.txt disallowed directories.
Asset inventory of over 800 public bug bounty programs.
Content discovery wordlists generated using BigQuery
Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
An automated approach to performing recon for bug bounty hunting and penetration testing.
Pillage web accessible GIT, HG and BZR repositories
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker Compose
bash script to facilitate some aspects of an Android application assessment