2789 Open source projects that are alternatives of or similar to A Red Teamer Diaries

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Enumerate information from NTLM authentication enabled web endpoints 🔎

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

The all-in-one Red Team extension for Web Pentester 🛠

Next generation web scanner

Advanced vulnerability scanning with Nmap NSE

🤖 The Modern Port Scanner 🤖

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Idiomatic nmap library for go developers

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

The Collective. A repo for a collection of red-team projects found mostly on Github.

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Useful tools and scripts during Penetration Testing engagements

Cameradar hacks its way into RTSP videosurveillance cameras

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Web path scanner

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Asynchronous Python implementation of SlowLoris DoS attack

Attack Surface Management Platform | Sn1perSecurity LLC

hack tools

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Python AV Evasion Tools

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

备考 OSCP 的各种干货资料/渗透测试干货资料

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

OSINT

HostHunter a recon tool for discovering hostnames using OSINT techniques.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

my oscp prep collection

Hacking Toolkit

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

A collection of hacking / penetration testing resources to make you better!

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Automated NoSQL database enumeration and web application exploitation tool.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Audit tool to find common vulnerabilities in PHP source code

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

200 TOOLS BY 0XID4FF0X FOR TERMUX

A high performance offensive security tool for reconnaissance and vulnerability scanning

This repository contains full code examples from the book Gray Hat C#

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.