2024-05-07
Ai Hacking Assistants, Automated Hacking

awvs

https://github.com/iSafeBlue/TrackRay


https://github.com/kelvinBen/AppInfoScanner

https://github.com/wwong99/pentest-notes

https://github.com/hmaverickadams/Beginner-Network-Pentesting

https://github.com/xiaoy-sec/Pentest_Note


https://github.com/bollwarm/SecToolSet


site:github.com 京峰内部武器库

site:github.com 护网


virus sample and source code

vx underground


you need to engage with hackers, either by reaching out directly, joining hacker groups or setting up honeypot and collect attack vectors


rockyou2009 rockyou2021 rockyou2024 password leak


x-recon


https://getodin.com

https://getodin.com/community


put huge database csv (1GB+ client data, confidential info) into ram filesystem, then search it with rg.


use leaked credentials to query search engine, mask these credentials and collect common keywords, practices finding unknown credentials.


web security tutorials

https://portswigger.net/web-security

https://websec.readthedocs.io/zh/latest/

pentest tools

https://pentestbox.org/

https://github.com/mahyarx/pentest-tools

https://github.com/arch3rpro/pentesttools

https://github.com/gwen001/pentest-tools


query: google dorks site:github.com minecraft dorks shodan dorks censys dorks

https://github.com/CorrieOnly/google-dorks

https://github.com/Ishanoshada/GDorks


1
2
site:github.com poc exp.py

https://github.com/Veraxy00/Shiro-EXP

https://github.com/ATonysan/poc-exp

https://github.com/hi-unc1e/POC-T

https://github.com/ycdxsb/PocOrExp_in_Github

https://github.com/knownsec/pocsuite3

https://github.com/midisec/pocsuite-poc

https://github.com/Cuerz/PoC-ExP

https://github.com/wy876/POC

https://github.com/tr0uble-mAker/POC-bomber

https://github.com/zhzyker/exphub

https://github.com/zhzyker/vulmap

https://github.com/zhzyker/dismap

https://github.com/chaitin/xray

https://github.com/We5ter/Scanners-Box

https://github.com/Tuhinshubhra/CMSeeK

https://github.com/EntySec/Ghost

https://github.com/n0tr00t/Beebeeto-framework

https://github.com/WooYun/TangScan

https://github.com/BugScanTeam/BugScan-Doc

https://github.com/WangYihang/Exploit-Framework

https://github.com/orleven/Tentacle

https://github.com/claroty/opcua-exploit-framework

https://github.com/ronin-rb/ronin

https://github.com/PentestinGxRoot/pysploit

https://github.com/torque59/Nosql-Exploitation-Framework

https://github.com/sullo/nikto

https://github.com/HavocFramework/Havoc

https://github.com/EmpireProject/EmPyre

https://github.com/reverse-shell/routersploit

https://github.com/dark-lbp/isf

https://github.com/beefproject/beef

https://github.com/enaqx/awesome-pentest

https://poc-library.readthedocs.io/en/release/QuickStart.html


https://github.com/topics/exploitation-framework


https://pypi.org/project/pocsuite3

https://pypi.org/project/pocx


gdb assistant

https://github.com/pgosar/ChatGDB


pentest framework in python or ruby:

https://github.com/topics/penetration-testing-framework

https://github.com/topics/pentesting-python

https://github.com/qsecure-labs/overlord

https://github.com/OWASP/Nettacker

https://github.com/AlaBouali/bane

https://github.com/m4n3dw0lf/PytheM

https://github.com/skavngr/rapidscan

https://pypi.org/project/shellfire/

https://pypi.org/project/lockdoor/

https://pypi.org/project/getsploit/

https://pypi.org/project/sploitscan/

https://pypi.org/project/pyExploitDb/


exploit tutorials

https://pypi.org/project/exploit-bianxie-xilie-jiaocheng-1-11/

https://pypi.org/project/windows-exploit-kaifa-jiaocheng-massimiliano-tomassoli/


Cybersec collections:

https://cybersectools.com/

https://github.com/trustedsec/ptf


AI Red teaming and network attack simulated environments:

https://github.com/yyzpiero/RL4RedTeam

https://github.com/Jjschwartz/NetworkAttackSimulator


search for blackhat gpt, blackhat tools etc.

https://github.com/friuns2/BlackFriday-GPTs-Prompts

https://github.com/Sajibekanti/1000-blackhat-tools

https://ollama.com/jimscard/blackhat-hacker

https://github.com/blackhatethicalhacking/Bug_Bounty_Tools_and_Methodology


all about privileges escalation scripts


haipy detects over 500+ hash types, which is a Python port of haiti

Cyberonix is a cybersecurity resource hub, containing a wide range of hacktool info.


HackerGPT which needs non-temporary email for registration.

Port scanning websites and self-hosted services:

https://alternativeto.net/software/shodan/


Many pentesting models and datasets are released on huggingface. Query words are: pentest 0dai

0dAI has published a series of models and is available on ollama.

Tutorial on how to use it:

https://notluken.github.io/running-0dai-in-ollama.html

It may worth while to collect tool manuals, tutorials, books, security blog posts, and train your custom AI upon them. It works best to let AI interacts with and learns from both simulated and real world environments.

But always remember hacking is an adversarial and highly competitive activity. It involves both high level and low level knowledge and expertise.

Always keep your knowledge base up to date in order to make use of latest vulnerabilities.


Agent hacking tools:

https://github.com/aress31/burpgpt

https://github.com/ipa-lab/hackingBuddyGPT

https://github.com/H4K6/PentestGPT

https://github.com/fr0gger/Awesome-GPT-Agents

https://github.com/GreyDGL/PentestGPT

https://github.com/luijait/DarkGPT

https://github.com/Hacker-GPT/HackerGPT-2.0

https://github.com/Sergio-F20/GPT-FastPentest

https://github.com/tenable/awesome-llm-cybersecurity-tools

https://github.com/Armur-Ai/Auto-Pentest-GPT-AI

Exploit query tools

https://github.com/msd0pe-1/cve-maker

https://pypi.org/project/puncia/

PoC collection (search for proof-of-concept in github for more)

https://github.com/nomi-sec/PoC-in-GitHub

https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC

https://github.com/DSO-Lab/pocscan

https://github.com/xinyisleep/pocscan

https://github.com/erevus-cn/pocscan

https://github.com/vulscanteam/vulscan

Query dorks

https://github.com/humblelad/Shodan-Dorks

https://github.com/RevoltSecurities/ShodanX

Nuclei and templates

https://github.com/projectdiscovery/nuclei

https://github.com/0xmaximus/final_freaking_nuclei_templates

https://github.com/Ostorlab/KEV

Popular topics

https://github.com/topics/0day


GPT-4 can now exploit 1day CVE.


https://github.com/shadow1ng/fscan

Read More

2023-10-10
Mastering System Events: Script Execution With @Reboot And Systemd

execute script before & after system events like startup, suspend & shutdown

for startup use @reboot with crontab -e

for others, write scripts under /lib/systemd/system-*

Read More