mitmproxy by mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

created at Feb. 16, 2010, 4:10 a.m.

Python

624 +0

36,847 +91

4,041 +6

GitHub
sqlmap by sqlmapproject

Automatic SQL injection and database takeover tool

created at June 26, 2012, 9:52 a.m.

Python

1,092 +1

32,589 +78

5,725 +10

GitHub
XSStrike by UltimateHackers

Most advanced XSS scanner.

created at June 26, 2017, 7:24 a.m.

Python

274 +0

13,376 +28

1,906 +3

GitHub
Photon by UltimateHackers

Incredibly fast crawler designed for OSINT.

created at March 30, 2018, 7:38 p.m.

Python

325 +1

11,061 +26

1,521 +1

GitHub
prowler by prowler-cloud

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

created at Aug. 24, 2016, 3:12 p.m.

Python

130 +0

10,847 +39

1,543 +3

GitHub
Sublist3r by aboul3la

Fast subdomains enumeration tool for penetration testers

created at Dec. 15, 2015, 12:55 a.m.

Python

231 +0

9,880 +18

2,104 -2

GitHub
wfuzz by xmendez

Web application fuzzer

created at Oct. 22, 2014, 9:23 p.m.

Python

167 +0

5,968 +13

1,385 +0

GitHub
commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

created at March 20, 2015, 8:38 a.m.

Python

158 +0

4,611 +13

818 +2

GitHub
social_mapper by Greenwolf

A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)

created at July 7, 2018, 2:50 p.m.

Python

225 +0

3,808 +2

788 +0

GitHub
tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

created at July 6, 2016, 8:33 p.m.

Python

83 +1

3,794 +9

671 +1

GitHub
LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

Python

66 +0

3,723 +6

597 +0

GitHub
subDomainsBrute by lijiejie

A fast sub domain brute tool for pentesters

created at April 1, 2015, 7:22 a.m.

Python

116 +0

3,488 +2

1,010 +0

GitHub
weevely3 by epinna

Weaponized web shell

created at Sept. 20, 2014, 10:16 a.m.

Python

132 +1

3,200 +10

605 +2

GitHub
Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

created at May 13, 2018, 5:05 p.m.

Python

108 +0

3,090 +2

400 +0

GitHub
plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

created at March 9, 2015, 9:16 p.m.

Python

149 +0

3,047 +0

277 +0

GitHub
cloudgoat by RhinoSecurityLabs

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

created at July 17, 2018, 12:21 a.m.

Python

74 +0

2,974 +3

622 +3

GitHub
Astra by flipkart-incubator

Automated Security Testing For REST API's

created at Jan. 10, 2018, 11:56 a.m.

Python

86 +0

2,512 +6

402 +1

GitHub
Some-PoC-oR-ExP by coffeehb

各种漏洞poc、Exp的收集或编写

created at March 13, 2015, 3:31 p.m.

Python

154 +0

2,384 +2

972 +0

GitHub
phpsploit by nil0x42

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

created at May 21, 2014, 7:43 p.m.

Python

104 +0

2,221 +8

440 +1

GitHub
GSIL by FeeiCN

GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)

created at Oct. 11, 2017, 10:14 a.m.

Python

61 +0

2,124 -1

486 +0

GitHub