792 Open source projects that are alternatives of or similar to awesome-pentest-tools

Fully automated offensive security framework for reconnaissance and vulnerability scanning

It's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)

Ladon Moudle MS17010 Exploit for PowerShell

Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

The ultimate WinRM shell for hacking/pentesting

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

C2/post-exploitation framework

Subdomain enumeration through various techniques

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Multi source CVE/exploit parser.

CVE-2016-8610 (SSL Death Alert) PoC

Quick SQL Scanner, Dorker, Webshell injector PHP

Bifrost C2. Open-source post-exploitation using Discord API

A tool for generating reverse shell payloads on the fly.

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Install the tools and start Attacking , black-tool v5.0 ! ⬛

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Nmap and NSE command line wrapper in the style of Metasploit

Pentesting tool for Minecraft

Argus Advanced Remote & Local Keylogger For macOS and Windows

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

A collection of useful links for Pentesters

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Pentester's Promiscuous Notebook

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Control the parameters of an Android system with the power of Xposed framework. 通过Xposed框架控制Android参数。

Kali Live Build Scripts

scripts to setup pentesting system and use during pentest

18+Facebook-Phishing.Hack Facebook

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

Track any ip address with IP-Tracker. IP-Tracker is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracker.

Developer Helper where you can find all resources related to open source and software developer resources

⚡ Open-source software for deep learning-based digital pathology

高效、好玩、有趣的 Mac 软件推荐

Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.

Tetra3D is a 3D hybrid software/hardware renderer made for games written in Go with Ebitengine.

A catalog of software libraries to feed Moiva.io suggestions system

Set up your macOS from scratch.

Low level software for the SMART response XE

d(ockerp)wn - a docker pwn tool manager

My python3 implementation of a Forward Shell

Instagram multi-bruteforce Platfrom

Refluxion -- MITM WPA attacks tool

useful pentest note

python functions for applied use of schema.org

Little Bug Bounty & Hacking Tools⚔️

A framework which will help you to make (incremental) backups of your site.

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

Software Design Patterns

No description or website provided.

WordPress pentest tool

Python reference implementation of The Update Framework (TUF)

trolo - an easy to use script for generating Payloads that bypasses antivirus

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Alguns desafios para os participantes dos grupos de estudo