#java #cve_2021_44228 #cve_2021_45046 #cybersecurity #log4j #pentest #sca

https://github.com/mergebase/log4j-detector

#other #api_hacking #api_pentest #api_sec #api_security #apisec #awesome_list #fuzzing #hack_apis #pentest #security

https://github.com/arainho/awesome-api-security

#python #bugbounty #bugbounty_tool #crlf_injection #crlf_injection_scanner #ethical_hacking #pentest_tool #pentesting #webapp_pentesting

https://github.com/Nefcore/CRLFsuite

#hack #attack #bash #cracking #crypto #ddos #exploitation_framework #framework #hacking #kali_linux #mrrobot #oscp #oswp #parrotsec #pentest #pentesting #python3 #wef #wifi

https://github.com/D3Ext/WEF

#go #0day #attack #auto #brute_force #bugbounty #bugbounty_tools #golang #hacker #hacktools #nmap #nuclei #pentest_tool #ssh #tools #vulnerabilities_scan

https://github.com/hktalent/scan4all

#python #bugbounty #docker #hacking #kali #metasploit #offensive #pentest #traefik

https://github.com/khast3x/Redcloud

#rust #c2 #pentest_tool #post_exploitation #rat #remote_control #trojan_rat

https://github.com/b23r0/Heroinn

#python #aptrs #django #penetration_testing #pentest_report #pentesting #pentesting_tools #reporting

https://github.com/Anof-cyber/APTRS

#python #c2 #cybersecurity #hacking #hacking_tool #offensive_security #open_source #penetration_testing #penetration_testing_tools #pentest #pentesting #readteaming #redteam #redteam_tools

https://github.com/t3l3machus/Villain

#other #cheatsheet #cybersecurity #enumeration #hacking #linux #payload #penetration_testing #pentest #pentest_tools #pentesting #red_team #red_team_tools #resources #security_tools #tools #windows

https://github.com/A-poc/RedTeam-Tools

#shell #active_directory #adsecurity #automation #bloodhound #bypass_antivirus #bypass_edr #crackmapexec #enumeration #exploitation #hacking #impacket #kerberoast #penetration_testing #pentest_tool #pentesting

https://github.com/lefayjey/linWinPwn

#shell #attack_surface #attack_surface_management #attacksurface #bugbounty_platform #cybersecurity #hacking #hacking_tools #osint_framework #osint_tool #penetration_testing #pentest_scripts #pentest_tool #pentest_tools #pentesting #pentesting_tools #security #security_tools #sn1per #sn1per_professional

https://github.com/1N3/Sn1per

#python #blueteam #bugbounty #cheatsheet #credentials_gathering #cybersecurity #default_password #exploit #infosec #offensive_security #pentest #pentesting

https://github.com/ihebski/DefaultCreds-cheat-sheet

#other #exploit #exploitation #penetration_testing #pentest #redteam #windows

https://github.com/suljov/Windows-and-Active-Directory

#typescript #blueteam #burpsuite #exploit #golang #hacking #hacking_tools #pentest #redteam #redteam_tools #scanner #security

Yakit is a powerful tool for interactive application security testing. It uses a special programming language called Yaklang, which is designed specifically for cybersecurity. Here are the key benefits Yakit provides a user-friendly GUI, making it accessible even for those who don't want to write code.
- **Advanced Features** You can execute custom Yaklang scripts or plugins at any step of penetration testing.
- **Flexible Deployment** There is an active community and detailed documentation available to help you learn and use Yakit effectively.

Overall, Yakit simplifies and enhances your security testing experience with its robust features and user-friendly interface.

https://github.com/yaklang/yakit

#go #afrog #bug_bounty #penetration_testing #pentest #poc #red_teaming #vulnerability_scanner #vulnerability_scanning_tools

Afrog is a powerful tool for security professionals, especially those involved in bug bounty, penetration testing, and red teaming. It is a high-performance vulnerability scanner that is fast, stable, and has low false positives. Afrog supports user-defined Proof of Concepts (PoCs) and comes with various built-in types like CVE, CNVD, default passwords, and more. It generates detailed HTML vulnerability reports and allows customizable and updatable PoCs.

Using afrog, you can quickly scan websites for vulnerabilities, create HTML reports, and even store results in a database for easy access via a web interface. The tool is open-source, has an active community, and can be installed using Go or by downloading binaries from GitHub.

Overall, afrog enhances your security defense capabilities by providing a robust and efficient way to identify and remediate vulnerabilities.

https://github.com/zan8in/afrog

#go #brute_force #bruteforce #exploit #fingerprint #pentest #red_team #redteam #scanner #security #webscan

Kscan is a powerful and lightweight scanner tool developed in Go. It offers several key features that benefit users Kscan can perform port scanning, protocol detection, fingerprint recognition, and brute-force cracking.
- **Versatile Input** Unlike other tools, Kscan prioritizes accuracy and comprehensiveness over speed, ensuring high-quality protocol and application layer identification.
- **Multiple Modes** Users can customize settings like proxy usage, thread count, and output formats to suit their needs.

Overall, Kscan provides a robust and flexible tool for security professionals and learners to conduct thorough scans and detections efficiently.

https://github.com/lcvvvv/kscan

#python #android #android_malware #dynamic_analysis #frida #frida_scripts #frida_snippets #malware #medusa #penetration_testing #pentest

MEDUSA is a powerful tool that helps you analyze and automate processes for Android and iOS apps. It has many modules that can monitor various app activities like intents, HTTP communications, database interactions, and more. You can use MEDUSA to bypass security measures like SSL pinning, monitor malware activities, and even translate app UIs. To use it, you need to install it on Linux or macOS, set up the necessary tools like FRIDA and adb, and then run the scripts to start monitoring. This tool makes it easier to understand and analyze how apps work, which is very useful for security testing and debugging.

https://github.com/Ch0pin/medusa

#python #active_directory #hacking #infosec #infosectools #networks #pentest #pentest_tool #pentest_tools #pentesting #python #python3 #red_team #security #security_tools #windows

NetExec is a powerful tool for network security testing. It helps users automate tasks like finding vulnerabilities, executing commands on remote machines, and gathering network information. This tool is especially useful for penetration testers and cybersecurity professionals. By using NetExec, users can efficiently assess and improve the security of large networks, making it easier to identify and fix weaknesses. It supports various network protocols and integrates well with other security tools, making it a valuable asset for those in the cybersecurity field.

https://github.com/Pennyw0rth/NetExec

#python #bounty #bugbounty #bypass #cheatsheet #enumeration #hacking #hacktoberfest #methodology #payload #payloads #penetration_testing #pentest #privilege_escalation #redteam #security #vulnerability #web_application

Payloads All The Things is a comprehensive collection of useful payloads and bypass techniques for web application security testing and penetration testing. It offers detailed documentation for each vulnerability, including how to exploit it and ready-to-use payloads, plus files for tools like Burp Intruder. You can contribute your own payloads or improvements, making it a collaborative resource. It also links to related projects for internal network and hardware pentesting, and provides learning resources like books and videos. Using this resource helps you efficiently find and test security weaknesses in web applications, improving your pentesting effectiveness and knowledge.

https://github.com/swisskyrepo/PayloadsAllTheThings