77 Components & Libraries
Sortby
The biggest advantage of using browser bruter for fuzzing the web application is that all of the fuzzing will take place at browser level, so all of the attack will be as they have been manually done…
Pycript is a Burp Suite extension that enables users to encrypt and decrypt requests and response for manual and automated application penetration testing. It also allows users to create custom encry…
The tool has been tested using Python 3.8.10 on Kali Linux 2022.2/3, Ubuntu 20.04.5 LTS, Windows 10/11. Windows Installation Linux Installation Windows Linux This project is supported by:
Well, Spoofy is different and here is why: After the initial testing using Microsoft 365, some combinations were retested using Protonmail and Gmail due to the differences in their handling of banner…
If you think a project should be included here I really want to know, but keep in mind that this isn't supposed to be a dictionary. I want to keep the best, covering as many bases as possible while m…
Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for differ…
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically. AutoPWN Suite has a very user friendly easy to read output. You can install it using pip. (sudo recommend…
toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for…
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Than…
Extra thanks to the people who left a star on the repo. Every one is very appreciated :) Note this script is purley just a small enumeration script, and does not directly attack any found devices on …
Dome is a fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. This tool is recommended for bug bounty hunters and pentester in their …
Jarbou3 is rat tool with coded in python with C&C which can accept multiple connections from clients The use of the jarbou3 COMPLETE RESPONSIBILITY of the END-USER. Developers assume NO liabili…
Reverse shells can be established through HTTP or HTTPS. The certificates used for HTTPS can be auto-generated by Phantom or supplied by the user. Phantom includes a helper shell script that enables …
Examples, source code and exercises from the book "Black Hat Python" by Justin Seitz. No Starch Press is offering also an Errata Corrige on the book code, but at the moment (November 2021) this secti…
The tools will be categorized as: To download the latest version of OPSTConsole, OPSTSetup, OPSTHelp and the OPSTInstall-all. If you want the help message with all "opst" commands and with other info…
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests. Script uses multithreading and is based on brute forcing, and as such, might have false positive results. Script h…
Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links. Output will be written as: test1.pdf,…
TIWAP is a web security testing lab made using Flask for budding security enthusiasts to learn about various web vulnerabilities. Inspired by DVWA, the contributors have tried their best to regenerat…
If you don't have it, then execute:
• This tool is for educational purposes only. • We are not responsible for any illegal usage of this tool. LFITester is a Python3 tool which tests if a server is vulnerable to Local File Inclusion (L…
Subscribe to our newsletter