• This repository has been archived on 17/May/2022
  • Stars
    star
    6
  • Rank 2,539,965 (Top 51 %)
  • Language
    Java
  • Created over 13 years ago
  • Updated over 13 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

More Repositories

1

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
PowerShell
2,444
star
2

MicroBurst

A collection of scripts for assessing Microsoft Azure security
PowerShell
1,982
star
3

SQLInjectionWiki

A wiki focusing on aggregating and documenting various SQL injection methods
HTML
727
star
4

PESecurity

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
PowerShell
593
star
5

PowerHuntShares

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
PowerShell
555
star
6

xssValidator

This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
Java
399
star
7

NetblockTool

Find netblocks owned by a company
Python
336
star
8

PowerShell

NetSPI PowerShell Scripts
PowerShell
300
star
9

ESC

Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it was originally designed for targeting SQL Servers during penetration tests and red team engagements. The intent of the project is to provide an .exe, but also sample files for execution through mediums like msbuild and PowerShell.
C#
278
star
10

WebLogicPasswordDecryptor

PowerShell script and Java code to decrypt WebLogic passwords
Java
240
star
11

sshkey-grab

Grab ssh keys from ssh-agent
Python
217
star
12

JavaSerialKiller

Burp extension to perform Java Deserialization Attacks
Java
205
star
13

django.nV

Vulnerable Django Application
JavaScript
197
star
14

Wsdler

WSDL Parser extension for Burp
Java
189
star
15

Swift.nV

Security Training Tool that demonstrates common mobile application vulnerabilities using Swift in iOS
Swift
180
star
16

aws_consoler

A utility to convert your AWS CLI credentials into AWS console access.
Python
178
star
17

DAFT

DAFT: Database Audit Framework & Toolkit
C#
173
star
18

Powershell-Modules

PowerShell
158
star
19

Burp-Extensions

Central Repo for Burp extensions
Java
141
star
20

BurpCollaboratorDNSTunnel

A DNS tunnel utilizing the Burp Collaborator
Java
97
star
21

BetaFast

Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog series
C#
89
star
22

BurpExtractor

A Burp extension for generic extraction and reuse of data within HTTP requests and responses.
Java
89
star
23

AWSSigner

Burp Extension for AWS Signing
Java
86
star
24

AutoDirbuster

Automatically run and save ffuf scans for multiple IPs
Python
74
star
25

SQLC2

SQLC2 is a PowerShell script for deploying and managing a command and control system that uses SQL Server as both the control server and the agent.
PowerShell
72
star
26

PowerHunt

PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
PowerShell
61
star
27

FuncoPop

Tools for attacking Azure Function Apps
PowerShell
60
star
28

MonkeyWorks

C#
58
star
29

cmdsql

ASP.NET
54
star
30

heapdump-ios

Dump IOS application heap space from memory
Shell
50
star
31

SpoofSpotter

A tool to catch spoofed NBNS responses.
Python
49
star
32

skl

strace keylogger PoC
44
star
33

grails-nV

Vulnerable Grails application
JavaScript
43
star
34

JSONBeautifier

JSON Beautifier for Burp written in Java
Java
36
star
35

asa_tools

Verification tools for CVE-2016-1287
Python
32
star
36

MoneyX

MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.
Java
30
star
37

JIG

Jira Information Gatherer
Python
29
star
38

httpillage

Java
26
star
39

HTTPScrapers

NetSPI HTTP Scrapers
Python
25
star
40

binrev

Shell
24
star
41

crossdomainscanner

Python tool for expired domain discovery in crossdomain.xml files
Python
23
star
42

goat.js

Tutorial for Node.js security
CSS
20
star
43

PS_Reflector

PowerShell
19
star
44

PS_MultiCrack

A powershell script for cracking halfLMchall password hashes
PowerShell
19
star
45

PS_CC_Checker

PowerShell
17
star
46

DataLoc

Scan MSSQL databases for payment card data without relying on key words
AutoIt
16
star
47

silkwasm

HTML Smuggling with Web Assembly
Go
15
star
48

Pin

Intel pin tools
C++
12
star
49

ruby_apk_unpack

Ruby Gem to Unpack APK(s)
Ruby
12
star
50

SVNentriesParser

A powershell script to parse SVN entries files into an HTML directory listing
PowerShell
9
star
51

Dekrypto

Ruby
8
star
52

JSWS

JavaScript Web Service Proxy Burp Plugin
Java
7
star
53

gppdecrypt

Stand alone script to decrypt GPP cpassword.
Go
7
star
54

WCF

C#
6
star
55

PycroBurst

Python implementation of select MicroBurst scripts.
Python
6
star
56

Custom-Passive-Scanner

Define custom findings for Burp's Passive Scanner using regex.
Java
5
star
57

doctordocker

Docker Doctor - Automated upgrading of libraries through Docker deployments.
Ruby
5
star
58

osint_scripts

Collection of Scripts of Open Source Intelligence Gathering
Ruby
5
star
59

npm-deps-parser

Parses, summarizes, and prints "npm audit" json output to markdown for nVision reports
Python
4
star
60

DetectionRules

This is a single location to store detection rules of various types.
4
star
61

Scheduled-Task

Native Binary for Creating a Scheduled Task
C++
2
star
62

rails-scope

scoping gem for rails application
Ruby
2
star
63

CollegePresentation

2
star
64

edge-cases-in-web

PHP
1
star
65

brigade-security-scripts

Brigade scripts to perform common Kubernetes and container-level security checks triggered by events.
1
star
66

WikiJekyllTheme

Wiki theme for various NetSPI wikis
HTML
1
star