672 Open source projects that are alternatives of or similar to Autordpwn

The Collective. A repo for a collection of red-team projects found mostly on Github.

🔨 A modern multiple reverse shell sessions manager wrote in go

Empire HTTP(S) C2 redirector setup script

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Linux Rootkits (4.x Kernel)

Go-deliver is a payload delivery tool coded in Go.

This repo will contain some basic pentest/RT commands.

Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password together from recent uploads from https://pastebin.com. Bruteforce support for spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts

A unified console to perform the "kill chain" stages of attacks.

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

🦄🔒 Awesome list of secrets in environment variables 🖥️

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

A bash script for recon and DOS attacks

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

A collection of useful scripts for Cobalt Strike

Wiki to collect Red Team infrastructure hardening resources

The all-in-one Red Team extension for Web Pentester 🛠

Python3 tool to perform password spraying using RDP

Python 3.5+ DNS asynchronous brute force utility

🔪 Leak git repositories from misconfigured websites

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Fast browser-based network discovery module

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

DNS Rebinding Exploitation Framework

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Nvidia's PCSS soft shadow algorithm implemented in Unity

A web front-end for password cracking and analytics

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

hydra

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

mRemoteNG is the next generation of mRemote, open source, tabbed, multi-protocol, remote connections manager.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Creates up to a thousand WiFi access points with custom SSIDs.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Generate unicode evil domains for IDN Homograph Attack and detect them.

All your IPs are belong to us.

FreeRDP is a free remote desktop protocol library and clients

电话攻击(电话轰炸、可代替短信轰炸)、留言攻击工具 | 已删库

OSINT Tool: Generate username lists for companies on LinkedIn

RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

A swiss army knife for pentesting networks

Remote Administration Tools

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Add a long shadow on any Android View

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Aggressor scripts for use with Cobalt Strike 3.0+

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

mXtract - Memory Extractor & Analyzer

Gorsair hacks its way into remote docker containers that expose their APIs