347 Open source projects that are alternatives of or similar to attack-evals

A modular Python application to collect intelligence for malicious hosts.

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

This repository contains links to awesome security articles.

Collection of several DDos tools.

Ultimate DevSecOps library

A tool for generating reverse shell payloads on the fly.

A template for writing a condensed course index leveraging LaTeX indexing

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

ThePhish: an automated phishing email analysis tool

phishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.

学习安全运营的记录 | The knowledge base of security operation

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them

📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server

Command line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…

Provides various Windows Server Active Directory (AD) security-focused reports.

A curated list of awesome resources related to executable packing

recon-ng modules for Censys

A collection of some of my scripts

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

Enumerate information from NTLM authentication enabled web endpoints 🔎

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Git All the Payloads! A collection of web attack payloads.

Search a filesystem for indicators of compromise (IoC).

List of the most common French passwords

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

Don't Just Search OSINT. Sweep It.

网络安全 · 攻防对抗 · 蓝队清单，中文版

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

🔑 Hash type identifier (CLI & lib)

The platform used to run picoCTF. A great framework to host any CTF.

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

A backdoor with a multitude of features.

PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

easy-to-use payload hosting

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Discover internet-wide misconfigurations while drinking coffee

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

Information Security Library

These are the notes i have been taking since i started learning about ethical hacking and cybersecurity

WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.

The all-in-one Red Team extension for Web Pentester 🛠

Hashes of infamous malware

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.

No description or website provided.

Advanced buffer overflow and memory corruption security challenges

MagicPad is an encryption suite for beginners. It is designed to be run standalone via the browser or executable (Electron).

Monitoring GitHub for sensitive data shared publicly

🔐 Docker Container for Penetration Testing & Security

Python library and CLI for the Bug Bounty Recon API

Easily scan files for threats to security and privacy. A Rust library and command line tool. WIP.

Modification of BECTI made by zerty for the JMW Arma 3 server

ICTCore: Unified Communications Framework for web developers. Communications APIs for voice calls, SMS messaging, Fax communications and Emails

CyTrONE: Integrated Cybersecurity Training Framework

备考 OSCP 的各种干货资料/渗透测试干货资料

Capturing, analysing and responding to cyber attacks

Game of Thrones hacking CTF (Capture the flag)