1934 Open source projects that are alternatives of or similar to Active Directory Exploitation Cheat Sheet

Enumerate AD through LDAP with a collection of helpfull scripts being bundled

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.

🔪 Leak git repositories from misconfigured websites

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Automation for internal Windows Penetrationtest / AD-Security

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Command line tool that allows you to explore IoT devices by using Shodan API.

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Next generation web scanner

Vagrant VirtualBox environment for conducting an internal network penetration test

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Everything needed for doing CTFs

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

Set of tools to audit SIP based VoIP Systems

A collection of personal scripts used in hacking excercises.

Idiomatic nmap library for go developers

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Sifter aims to be a fully loaded Op Centre for Pentesters

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

A curated list of awesome privilege escalation

hacker, ready for more of our story ! 🚀

Penetration Testing notes, resources and scripts

Attack Surface Management Platform | Sn1perSecurity LLC

Notes for taking the OSCP in 2097. Read in book form on GitBook

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

OSINT Tool: Generate username lists for companies on LinkedIn

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

swiss army knife for hackers

💣 Impulse Denial-of-service ToolKit

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Proves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems

Modern tactical exploitation toolkit.

hacking-tool termux-tools termux noob-friendly instagram-bot bruteforce-password-cracker wordlist-technique

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

A web front-end for password cracking and analytics

Attify OS - Distro for pentesting IoT devices

The Offensive Manual Web Application Penetration Testing Framework.

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Gorsair hacks its way into remote docker containers that expose their APIs

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

The Shadow Attack Framework

Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password together from recent uploads from https://pastebin.com. Bruteforce support for spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts

Reverse proxies cheatsheet

Exploit Pack -The next generation exploit framework

记录自己编写、修改的部分工具

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

A collection of public offensive and defensive security related scripts for InfoSec students.

🆕 The Multi-Tool Web Vulnerability Scanner.