t3l3machus

Panagiotis Chartas's starred repositories

sqlmap

Automatic SQL injection and database takeover tool

Language:PythonNOASSERTION31719 1094 5211

katana

A next-generation crawling and spidering framework.

Language:GoMIT10741 87 280

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language:JavaScriptMIT8869 197 1480

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Language:HTMLGPL-3.07325 140 822

HowToHunt

Collection of methodology and test case for various web vulnerabilities.

GPL-3.06017 277 17

DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Language:PythonMIT5507 88 16

apkleaks

Scanning APK file for URIs, endpoints & secrets.

Language:PythonApache-2.04815 79 57

uncover

Quickly discover exposed hosts on the internet using multiple search engines.

Language:GoMIT2345 37 69

firefox_decrypt

Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles

Language:PythonGPL-3.01961 48 76

dnsReaper

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

Language:PythonAGPL-3.01956 22 62

cvemap

Navigate the CVE jungle with ease.

Language:GoMIT1598 23 45

wordlists

Automated & Manual Wordlists provided by Assetnote

Language:CSSApache-2.01264 26 4

CVE-2021-3156

Language:C943 27 20

phpbash

A semi-interactive PHP shell compressed into a single file.

Language:PHPApache-2.0865 21 17

alterx

Fast and customizable subdomain wordlist generator using DSL

Language:GoMIT687 12 23

resolvers

The most exhaustive list of reliable DNS resolvers.

MIT648 16 9

Supernova

Real fucking shellcode encryptor & obfuscator tool

Language:GoMIT624 10 3

LEAKEY

LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services.

Language:Shell341 5 2

awesome-nmap-grep

Awesome Nmap Grep

323 14 4

misconfig-mapper

Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!

Language:GoMIT322 6 4

graphql-wordlist

The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

Language:TypeScriptAGPL-3.0312 5 2

missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Language:ShellMIT309 10 7

payload-wizard

AI assistant that utilizes GPT language models to interpret and generate cybersecurity payloads 🪄

Language:TypeScriptMIT154 3 1

secfiles

My useful files for penetration tests, security assessments, bug bounty and other security related stuff

Language:ShellMIT132 8 1

c2-cloud

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.

Language:PythonMIT94 30