477 Open source projects that are alternatives of or similar to Badintent

备考 OSCP 的各种干货资料/渗透测试干货资料

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Quick utility to craft executables for pentesting and managing reverse shells

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

Passwords Recovery Tool

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Semi-automatic OSINT framework and package manager

Python network tool, similar to Netcat with custom features.

A curated list of awesome OSCP resources

THE ESP8266 HONEYPOT

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A repository of telemetry domains and URLs used by mobile location tracking, user profiling, targeted marketing and aggressive ads libraries.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

🦄🔒 Awesome list of secrets in environment variables 🖥️

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Oversecured Vulnerable iOS App

Reverse proxies cheatsheet

Hashcat web interface

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

Web path scanner

WhiteWinterWolf's PHP web shell

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Various analysis of Android stalkerware

Hacking Toolkit

Windows one line commands that make life easier, shortcuts and command line fu.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

A burp extender that recalculate signature value automatically after you modified request parameter value.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Advanced Web Shell

Burp extension intended to compact Burp extension tabs by hijacking them to own tab.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

hydra

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Python network worm that spreads on the local network and gives the attacker control of these machines.

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Keyfinder🔑 is a tool that let you find keys while surfing the web!

A swiss army knife for pentesting networks

An evil RAT (Remote Administration Tool) for macOS / OS X.

mXtract - Memory Extractor & Analyzer

This Burp extension helps you to find usages of postMessage and recvMessage

The Collective. A repo for a collection of red-team projects found mostly on Github.

Encoder to bypass WAF filters using XOR operations

This repository contains full code examples from the book Gray Hat C#

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

A REST API security testing framework.

Awesome cloud enumerator

A fully automatic wifi deauther coded in Python

Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.

Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.