rkhan99e Goto Github PK

awesome-api-security

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

burpsuite

byp4xx

40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...

dorks-collections-list

List of Github repositories and articles with list of dorks for different search engines

fopnp

Foundations of Python Network Programming (Apress) — scripts and examples

freeze.rs

Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST

ghostpack-compiledbinaries

Ghostpack

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

hate_crack

A tool for automating cracking methodologies through Hashcat from the TrustedSec team.

linpeas

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

mastering-python-for-networking-and-security-second-edition

Mastering Python for Networking and Security, Second Edition, published by Packt

mimikatz

A little tool to play with Windows security

mitm6

pwning IPv4 via IPv6

myexpense

MyExpense is a vulnerable web application

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

onelistforall

Rockyou for web fuzzing

pcredz

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

pecheck

A tool to verify and create PE Checksums for Portable Executable (PE) files.

python-network-programming

Conquer all your networking challenges with the powerful Python language

responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

rlwrap

A readline wrapper

rubeus

Trying to tame the three-headed dog.

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sharpcollection

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

shellcodecompiler

Shellcode Compiler

web-security-academy-series

werkzeug-debug-console-bypass

Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector.

wireshark-quizzes

Packet captures of malicious traffic for analysis using Wireshark

wireshark-tutorial-icedid

wireshark training