#go #cve_2021_3560 #cve_2022_0847 #dirtypipe #exploit #gtfobins #hackthebox #infosec #privesc #privilege_escalation #redteam_tools #security_tools

https://github.com/liamg/traitor

#other #awesome #awesome_list #awesome_lists #bugbounty #dns #domain #exploit #hacking #hacking_tools #osint #osint_tool #redteam #redteaming #search_engine #security #security_tools #url #vulnerabilities #vulnerability #wifi_network

https://github.com/edoardottt/awesome-hacker-search-engines

#python #c2 #cybersecurity #hacking #hacking_tool #offensive_security #open_source #penetration_testing #penetration_testing_tools #pentest #pentesting #readteaming #redteam #redteam_tools

https://github.com/t3l3machus/Villain

#cplusplus #anti_forensics #evasion #forensics #post_exploitation #redteam

https://github.com/PaulNorman01/Forensia

#other #exploit #exploitation #penetration_testing #pentest #redteam #windows

https://github.com/suljov/Windows-and-Active-Directory

#html #blueteam #cloud_native #cloud_security #cloudsecurity #container #container_security #devsecops #docker #hacking #infrastructure #k8s #kubernetes #kubernetes_goat #kubernetes_security #owasp #pentesting #redteam #security #vulnerable_app

https://github.com/madhuakula/kubernetes-goat

#go #app #icp #redteam #redteam_tools

ENScan Go is a tool that helps collect information about companies, especially useful for Chinese enterprises. It uses various APIs like 爱企查 (Aiqicha), 天眼查 (Tianyancha), and others to gather data such as website registrations, app information, social media profiles, and more. You can use it to search for specific company details, investment information, suppliers, and even deep-dive into subsidiary companies. The tool is easy to use with command-line options and can export data in a merged format. However, be cautious as using this tool might lead to account restrictions if misused.

The benefit to you is that ENScan Go simplifies the process of collecting detailed company information from multiple sources, saving you time and effort. It also provides flexible options to customize your searches and export the results in a convenient format.

https://github.com/wgpsec/ENScan_GO

#typescript #blueteam #burpsuite #exploit #golang #hacking #hacking_tools #pentest #redteam #redteam_tools #scanner #security

Yakit is a powerful tool for interactive application security testing. It uses a special programming language called Yaklang, which is designed specifically for cybersecurity. Here are the key benefits Yakit provides a user-friendly GUI, making it accessible even for those who don't want to write code.
- **Advanced Features** You can execute custom Yaklang scripts or plugins at any step of penetration testing.
- **Flexible Deployment** There is an active community and detailed documentation available to help you learn and use Yakit effectively.

Overall, Yakit simplifies and enhances your security testing experience with its robust features and user-friendly interface.

https://github.com/yaklang/yakit

#go #brute_force #bruteforce #exploit #fingerprint #pentest #red_team #redteam #scanner #security #webscan

Kscan is a powerful and lightweight scanner tool developed in Go. It offers several key features that benefit users Kscan can perform port scanning, protocol detection, fingerprint recognition, and brute-force cracking.
- **Versatile Input** Unlike other tools, Kscan prioritizes accuracy and comprehensiveness over speed, ensuring high-quality protocol and application layer identification.
- **Multiple Modes** Users can customize settings like proxy usage, thread count, and output formats to suit their needs.

Overall, Kscan provides a robust and flexible tool for security professionals and learners to conduct thorough scans and detections efficiently.

https://github.com/lcvvvv/kscan

#python #cli #cti #cybersecurity #forensics #hacktoberfest #information_gathering #infosec #linux #osint #pentesting #python #python3 #reconnaissance #redteam #sherlock #tools

Sherlock is a powerful tool that helps you find social media accounts by username across over 400 networks. It's easy to use and works on many operating systems like macOS, Linux, and Windows. You can install it using methods like `pipx` or Docker, and then simply type the username you want to search for. Sherlock will show you where that username is used on different social media platforms. This tool is useful for gathering information quickly and can be run locally or even online through services like Apify. It saves time and effort in finding accounts across many platforms.

https://github.com/sherlock-project/sherlock

#python #bounty #bugbounty #bypass #cheatsheet #enumeration #hacking #hacktoberfest #methodology #payload #payloads #penetration_testing #pentest #privilege_escalation #redteam #security #vulnerability #web_application

Payloads All The Things is a comprehensive collection of useful payloads and bypass techniques for web application security testing and penetration testing. It offers detailed documentation for each vulnerability, including how to exploit it and ready-to-use payloads, plus files for tools like Burp Intruder. You can contribute your own payloads or improvements, making it a collaborative resource. It also links to related projects for internal network and hardware pentesting, and provides learning resources like books and videos. Using this resource helps you efficiently find and test security weaknesses in web applications, improving your pentesting effectiveness and knowledge.

https://github.com/swisskyrepo/PayloadsAllTheThings

#python #blueteam #discovery #emails #information_gathering #osint #python #recon #reconnaissance #redteam #subdomain_enumeration

theHarvester is a free, easy-to-use tool that helps you gather public information about a domain, such as emails, subdomains, IPs, and URLs, from many online sources like search engines and databases. It is useful during security testing to understand a company’s external exposure and find potential vulnerabilities. You can run it with Python and it supports features like DNS brute forcing and taking screenshots of found subdomains. Using theHarvester helps you quickly collect valuable data for cybersecurity assessments, making your research more efficient and thorough.

https://github.com/laramies/theHarvester