cicada-369 Goto Github PK

akto

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

automated-security-helper

awesome-termux-hacking

⚡️An awesome list of the best Termux hacking tools

babyshark

Basic C2 Server

betterscan-ce

Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)

blog

bugbounty

Notes for BugBounty Research

c3

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

caldera

Automated Adversary Emulation Platform

cloudpentestcheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

covenant

Covenant is a collaborative .NET C2 framework for red teamers.

dali

empire

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

evilosx

An evil RAT (Remote Administration Tool) for macOS / OS X.

fast-google-dorks-scan

The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.

flyingafalseflag

Slides and Code for the BHUSA 2019 talk: Flying a False Flag

freeplane

Application for Mind Mapping, Knowledge Management, Project Management. Develop, organize and communicate your ideas and knowledge in the most effective way.

gitlab-ce-carlos

提供更严格的开发流程，以及不可修改历史记录。更严肃的工程实践。

godoh

🕳 godoh - A DNS-over-HTTPS C2

h4cker

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

hackergpt

The official HackerGPT repository

http-asynchronous-reverse-shell

[POC] Asynchronous reverse shell using the HTTP protocol.

ibombshell

Tool to deploy a post-exploitation prompt at any time

infoooze

A OSINT tool which helps you to quickly find information effectively. All you need is to input and it will take take care of rest.

insider

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full F

lazyrecon

This script is intended to automate your reconnaissance process in an organized fashion

merlin

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

mind-maps

Mind-Maps of Several Things

mindapi

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

mitaka

A browser extension for OSINT search