A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
-
Updated
Jul 5, 2024 - Shell
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
用于Linux应急响应,快速排查异常用户登录情况和入侵信息排查,准确定位溯源时间线,高效辅助还原攻击链。
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits but also gather all the technology running behind them for further investigation for a potential target.
🧰 Multi Tool Kubernetes Pentest Image
CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some interfaces for users to call to manipulate the CrossC2 Beacon session, thereby extending the functionality of Cobalt Strike.
Diablo ~ Hacking / Pentesting & Reporting
smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter
Port WiFi Pineapple NANO/TETRA in generic hardware
An automation tool to install the most popular tools for bug bounty or pentesting.
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
EZEA (EaZy Enum Automator), made for OSCP. This tool uses bash to automate most of the enumeration proces
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Add a description, image, and links to the redteam topic page so that developers can more easily learn about it.
To associate your repository with the redteam topic, visit your repo's landing page and select "manage topics."