1165 Open source projects that are alternatives of or similar to Ansvif

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

Browse and search through nmap's NSE scripts.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

It's a simple tool for test vulnerability shellshock

OPCDE Cybersecurity Conference Materials

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Auto Scanning to SSL Vulnerability

Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Exploit Discord's cache system to remote upload payloads on Discord users machines

OSINT Tool: Generate username lists for companies on LinkedIn

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Simple Server Side Request Forgery services enumeration tool.

Notes for taking the OSCP in 2097. Read in book form on GitBook

Automation for internal Windows Penetrationtest / AD-Security

Run fuzzing experiments in Docker

Responsive Command and Control System

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

PS / Bash / Python / Other scripts For FUN!

Framework to test any Anti-Cheat

无状态子域名爆破工具

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container

Variation of american fuzzy lop for testing compilers for C-like languages, revised by Alex Groce & collaborators to fuzz tools processing source code in C-like languages

Venom - A Multi-hop Proxy for Penetration Testers

Automated Mass Exploiter

📚 VoidHack CTF write-ups

Attack Surface Management Platform | Sn1perSecurity LLC

A bare-metal x86 instruction set fuzzer a la Sandsifter

NetCat for Windows

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Apache Solr Injection Research

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

Roblox Exploit Source Code Called IceMeme with some cmds, lua c and limited lua execution with simple ui in c#

Open source pre-operation C2 server based on python and powershell

Go-deliver is a payload delivery tool coded in Go.

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis

This repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.

Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68

A testing framework for automatically finding and simplifying bugs in graphics shader compilers.

won't maintain

CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.

Hypervisor Memory Introspection Core Library

C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)

The best Hacking and PenTesting tools installer on the world

一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。

A fuzzing framework for network servers

DOM fuzzer

Single-file PHP shell

A repo with information about security of Ethereum Smart Contracts

Fuzzing Parsers with Tokens

Dump exposed HTTP .git fast