A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Dec 4, 2024 - Python
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Hunt down social media accounts by username across social networks
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
🕵️♂️ Collect a dossier on a person by username from thousands of sites
Web path scanner
E-mails, subdomains and names Harvester - OSINT
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
List of Awesome Red Teaming Resources
Tools and Techniques for Red Team / Penetration Testing
The all-in-one browser extension for offensive security professionals 🛠
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Red Teaming Tactics and Techniques
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
Add a description, image, and links to the redteam topic page so that developers can more easily learn about it.
To associate your repository with the redteam topic, visit your repo's landing page and select "manage topics."