1403 Open source projects that are alternatives of or similar to Awesome Privilege Escalation

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Know the dangers of credential reuse attacks.

scan for NTLM directories

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

RubberDucky like payloads for DigiSpark Attiny85

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

A high performance offensive security tool for reconnaissance and vulnerability scanning

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

A list of payload and bypass lists for penetration testing and red team infrastructure build.

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Steganography brute-force utility to uncover hidden data inside files

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Advanced and easy to use penetration testing framework 💣🔎

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A tool to fastly get all javascript sources/files

swiss army knife for hackers

Hawkeye filesystem analysis tool

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

The all-in-one Red Team extension for Web Pentester 🛠

An automated e-mail OSINT tool

retrieve information via O365 with a valid cred

Rockyou for web fuzzing

CTF (Capture The Flag) writeups, code snippets, notes, scripts

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

CTF竞赛权威指南

🤖 The Modern Port Scanner 🤖

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Cameradar hacks its way into RTSP videosurveillance cameras

Git All the Payloads! A collection of web attack payloads.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

CTF Cheatsheet

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Writeups for infosec Capture the Flag events by team Galaxians

🔑 Hash type identifier (CLI & lib)

Tool to communicate with RPC services and check misconfigurations on NFS shares

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

This tool provides commandline access for https://www.hackthebox.eu, https://tryhackme.com/ and https://www.vulnhub.com/ machines.

Get GTFOBins info about a given exploit from the command line

Linux kernel development & exploitation lab.

Framework for rapid development and reusable of security tools

My notebook for OSCP Lab

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

Writeups for vulnerable machines.

Python AV Evasion Tools

Idiomatic nmap library for go developers

👻 A LAN dropbox chatbot controllable via Telegram

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

Yet Another PHP Shell - The most complete PHP reverse shell

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

OSINT

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.