1934 Open source projects that are alternatives of or similar to Active Directory Exploitation Cheat Sheet

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

Cheat Sheets for Arduino Programming Language

Awesome cloud enumerator

Basic Javascript Cheat Sheet

A pentesting tool inspired by mr robot and derived by zphisher

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

A curated list of awesome OSCP resources

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

hydra

👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Free Security and Hacking eBooks

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Tool Information Gathering Write By Python.

A MongoDB importer and API for Project Sonars DNS datasets

CMS auto detect and exploit.

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

Personal CTF Toolkit

Advanced Web Shell

Privilege Escalation Enumeration Script for Windows

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

A web front-end for password cracking and analytics

A list of web application security

👻 A LAN dropbox chatbot controllable via Telegram

记录自己编写、修改的部分工具

Hacker101 CTF Writeup

network reconnaissance toolkit

Proves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

Web application vulnerability scanner

onex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.

Modern tactical exploitation toolkit.

Attify OS - Distro for pentesting IoT devices

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

🤖 The Modern Port Scanner 🤖

Python 3.5+ DNS asynchronous brute force utility

Security Tool to Look For Interesting Files in S3 Buckets

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Gorsair hacks its way into remote docker containers that expose their APIs

Reverse proxies cheatsheet

Extract endpoints from APK files

A repository of tools for pentesting of restricted and isolated environments.

Linux Privilege Escalation Tool By WazeHell

Providing aid in converting video games.

The best Hacking and PenTesting tools installer on the world

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password together from recent uploads from https://pastebin.com. Bruteforce support for spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

The Shadow Attack Framework

Rust code to show how hooking in rust with a dll works.