title | created | modified |
---|---|---|
AI Hacking Assistants, Automated Hacking |
2024-05-07T14:33:59.000Z |
2024-07-28T05:03:12.735Z |
https://github.com/iSafeBlue/TrackRay
https://github.com/kelvinBen/AppInfoScanner
https://github.com/wwong99/pentest-notes
https://github.com/hmaverickadams/Beginner-Network-Pentesting
https://github.com/xiaoy-sec/Pentest_Note
https://github.com/bollwarm/SecToolSet
site:github.com 京峰内部武器库
site:github.com 护网
virus sample and source code
vx underground
you need to engage with hackers, either by reaching out directly, joining hacker groups or setting up honeypot and collect attack vectors
rockyou2009 rockyou2021 rockyou2024 password leak
x-recon
put huge database csv (1GB+ client data, confidential info) into ram filesystem, then search it with rg.
use leaked credentials to query search engine, mask these credentials and collect common keywords, practices finding unknown credentials.
web security tutorials
https://portswigger.net/web-security
https://websec.readthedocs.io/zh/latest/
pentest tools
https://github.com/mahyarx/pentest-tools
https://github.com/arch3rpro/pentesttools
https://github.com/gwen001/pentest-tools
query: google dorks
site:github.com minecraft dorks
shodan dorks
censys dorks
https://github.com/CorrieOnly/google-dorks
https://github.com/Ishanoshada/GDorks
site:github.com poc exp.py
https://github.com/Veraxy00/Shiro-EXP
https://github.com/ATonysan/poc-exp
https://github.com/hi-unc1e/POC-T
https://github.com/ycdxsb/PocOrExp_in_Github
https://github.com/knownsec/pocsuite3
https://github.com/midisec/pocsuite-poc
https://github.com/Cuerz/PoC-ExP
https://github.com/tr0uble-mAker/POC-bomber
https://github.com/zhzyker/exphub
https://github.com/zhzyker/vulmap
https://github.com/zhzyker/dismap
https://github.com/chaitin/xray
https://github.com/We5ter/Scanners-Box
https://github.com/Tuhinshubhra/CMSeeK
https://github.com/EntySec/Ghost
https://github.com/n0tr00t/Beebeeto-framework
https://github.com/WooYun/TangScan
https://github.com/BugScanTeam/BugScan-Doc
https://github.com/WangYihang/Exploit-Framework
https://github.com/orleven/Tentacle
https://github.com/claroty/opcua-exploit-framework
https://github.com/ronin-rb/ronin
https://github.com/PentestinGxRoot/pysploit
https://github.com/torque59/Nosql-Exploitation-Framework
https://github.com/sullo/nikto
https://github.com/HavocFramework/Havoc
https://github.com/EmpireProject/EmPyre
https://github.com/reverse-shell/routersploit
https://github.com/dark-lbp/isf
https://github.com/beefproject/beef
https://github.com/enaqx/awesome-pentest
https://poc-library.readthedocs.io/en/release/QuickStart.html
https://github.com/topics/exploitation-framework
https://pypi.org/project/pocsuite3
gdb assistant
https://github.com/pgosar/ChatGDB
pentest framework in python or ruby:
https://github.com/topics/penetration-testing-framework
https://github.com/topics/pentesting-python
https://github.com/qsecure-labs/overlord
https://github.com/OWASP/Nettacker
https://github.com/AlaBouali/bane
https://github.com/m4n3dw0lf/PytheM
https://github.com/skavngr/rapidscan
https://pypi.org/project/shellfire/
https://pypi.org/project/lockdoor/
https://pypi.org/project/getsploit/
https://pypi.org/project/sploitscan/
https://pypi.org/project/pyExploitDb/
exploit tutorials
https://pypi.org/project/exploit-bianxie-xilie-jiaocheng-1-11/
https://pypi.org/project/windows-exploit-kaifa-jiaocheng-massimiliano-tomassoli/
Cybersec collections:
https://github.com/trustedsec/ptf
AI Red teaming and network attack simulated environments:
https://github.com/yyzpiero/RL4RedTeam
https://github.com/Jjschwartz/NetworkAttackSimulator
search for blackhat gpt, blackhat tools etc.
https://github.com/friuns2/BlackFriday-GPTs-Prompts
https://github.com/Sajibekanti/1000-blackhat-tools
https://ollama.com/jimscard/blackhat-hacker
https://github.com/blackhatethicalhacking/Bug_Bounty_Tools_and_Methodology
all about privileges escalation scripts
haipy detects over 500+ hash types, which is a Python port of haiti
Cyberonix is a cybersecurity resource hub, containing a wide range of hacktool info.
HackerGPT which needs non-temporary email for registration.
Port scanning websites and self-hosted services:
https://alternativeto.net/software/shodan/
Many pentesting models and datasets are released on huggingface. Query words are: pentest
0dai
0dAI has published a series of models and is available on ollama.
Tutorial on how to use it:
https://notluken.github.io/running-0dai-in-ollama.html
It may worth while to collect tool manuals, tutorials, books, security blog posts, and train your custom AI upon them. It works best to let AI interacts with and learns from both simulated and real world environments.
But always remember hacking is an adversarial and highly competitive activity. It involves both high level and low level knowledge and expertise.
Always keep your knowledge base up to date in order to make use of latest vulnerabilities.
Agent hacking tools:
https://github.com/aress31/burpgpt
https://github.com/ipa-lab/hackingBuddyGPT
https://github.com/H4K6/PentestGPT
https://github.com/fr0gger/Awesome-GPT-Agents
https://github.com/GreyDGL/PentestGPT
https://github.com/luijait/DarkGPT
https://github.com/Hacker-GPT/HackerGPT-2.0
https://github.com/Sergio-F20/GPT-FastPentest
https://github.com/tenable/awesome-llm-cybersecurity-tools
https://github.com/Armur-Ai/Auto-Pentest-GPT-AI
Exploit query tools
https://github.com/msd0pe-1/cve-maker
https://pypi.org/project/puncia/
PoC collection (search for proof-of-concept in github for more)
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC
https://github.com/DSO-Lab/pocscan
https://github.com/xinyisleep/pocscan
https://github.com/erevus-cn/pocscan
https://github.com/vulscanteam/vulscan
Query dorks
https://github.com/humblelad/Shodan-Dorks
https://github.com/RevoltSecurities/ShodanX
Nuclei and templates
https://github.com/projectdiscovery/nuclei
https://github.com/0xmaximus/final_freaking_nuclei_templates
https://github.com/Ostorlab/KEV
Popular topics
https://github.com/topics/0day
GPT-4 can now exploit 1day CVE.