437 Open source projects that are alternatives of or similar to Androtickler

BlackRAT - Java Based Remote Administrator Tool

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Burp Suite extension to discover assets from HTTP response.

Burpsuite-Plugins-Usage

Exploit pack for pentesters and ethical hackers.

Open-Source Ransomware As A Service for Linux, MacOS and Windows

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

🤖 The Modern Port Scanner 🤖

The Collective. A repo for a collection of red-team projects found mostly on Github.

Python3 tool to perform password spraying using RDP

A Virtual environment for Pentesting IoT Devices

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

🔪 Leak git repositories from misconfigured websites

👻Impost3r -- A linux password thief

🚀 Fast Port Scanner 🚀

swiss army knife for hackers

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Record the change log from models in Laravel

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Responsive Command and Control System

Tactics, Techniques, and Procedures

Network protocol auditing framework

Collection of pentesting scripts

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

A tool to automate penetration tests

A wrapper for Nmap to quickly run network scans

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Centralize Vulnerability Assessment and Management for DevSecOps Team

Web Pentesting Fuzz 字典,一个就够了。

Our OSCP repo: from popping shells to mental health.

This repository contains full code examples from the book Gray Hat C#

A simple wrapper for C# tools

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

GCP CIS 1.1.0 Benchmark InSpec Profile

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A bash script for recon and DOS attacks

A list to discover work of red team tooling and methodology for penetration testing and security assessment

tcp connection hijacker, rust rewrite of shijack

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

AWS Identity and Access Management Visualizer and Anomaly Finder

Vagrant VirtualBox environment for conducting an internal network penetration test

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Tool to automate common OSINT tasks

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

A web front-end for password cracking and analytics