1585 Open source projects that are alternatives of or similar to Autosploit

Research on Anti-malware and other related security solutions

Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)

Advanced Web Browser Fingerprinting

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

Penetration test Achieve Knowledge Unite Rapid Interface

Remote exploitation framework written in Python

A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good performance

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

This repository contains full code examples from the book Gray Hat C#

AndroRAT | Remote Administrator Tool for Android OS Hacking

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

PHP Magic Number Detector

Sifter aims to be a fully loaded Op Centre for Pentesters

A programmable, observable and distributed job orchestration system.

Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts

这是我准备写的第一本书，其实早些时候已经打算开始写书了，只是苦于没有写书经验，无从下手。写书不同于博客，写书需要将知识，经验等系统化地讲述出来，而我现在恰巧缺乏这种表现能力。因此我决定在这里将项目中零散的东西记录下来，然后后期润色一下，写成一本书。

This repository contains several applications, demonstrating the Meltdown bug.

Python module for interacting with Netgear's Arlo camera system.

Subaru StarLink persistent root code execution.

iOS support agent for automation

Enumerate and disable common sources of telemetry used by AV/EDR.

Multiplatform reverse shell generator

A complete test automation tool

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

linux-kernel-exploits Linux平台提权漏洞集合

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Performing security tests inside your CI

Various kernel exploits

Security scanner coordinator

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

The smart, automatic Dark Mode toggle for macOS Mojave+

Collective Knowledge framework (CK) helps to organize black-box research software as a database of reusable components and micro-services with common APIs, automation actions and extensible meta descriptions. See real-world use cases from Arm, General Motors, ACM, Raspberry Pi foundation and others:

NodeJS Simple Network Scanner

Kindle 5.6.5 exploitation tools.

Bypassing disabled exec functions in PHP (c) CRLF

Anno-Mage: A Semi Automatic Image Annotation Tool which helps you in annotating images by suggesting you annotations for 80 object classes using a pre-trained model

Build Automation in PowerShell

C++ Reflection Parser / Runtime Skeleton

Public append-only ledger microservice built with Slim Framework

Espressif ESP32 Based Smarthome screen for MQTT

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world use Amazon Web Services (AWS)

Shuffle: A general purpose security automation platform platform. We focus on accessibility for all.

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

An exploit for Apache Struts CVE-2017-5638

Automagically update nuget packages in .NET projects

Blueborne CVE-2017-0785 Android information leak vulnerability

Ansible and Kubernetes examples from Ansible for Kubernetes Book

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda

Whatsapp Web Bot - Example of Bot for use on Whatsapp Web (on Chrome)

Extract and aggregate threat intelligence.

E2E test framework for tests with complex environment requirements.

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

network visualization & vulnerability management/reporting

Hypervisor Memory Introspection Core Library