1517 Open source projects that are alternatives of or similar to Badkarma

Writeups for infosec Capture the Flag events by team Galaxians

Personal CTF Toolkit

JSON RSA to HMAC and None Algorithm Vulnerability POC

🌑 R package to work with the Shodan API

Pentesting tool for Minecraft

A tool that automates the process of enumeration

This is a complete project series on implementing hacking tools available in Kali Linux into python.

thelordseye searches and returns detailed information about devices that are directly connected to the internet [IoT] (Smart TV's, Fridges, Webcams, Traffic Lights etc).

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

A simple SSH bruteforce script targeting (not necessarily) Raspbian devices.

An automated target reconnaissance pipeline.

Asyncio concurrent Python finds SSH servers (or other services with open ports) on an IPv4 subnet, WITHOUT NMAP

Pentest environment deployer (kali linux + targets) using vagrant and chef.

PHP shells that work on Linux OS, macOS, and Windows OS.

🔐 Shim to easily install OWASP dependency-check-cli into Python projects

mirror of https://mypdns.org/my-privacy-dns/matrix as it is obviously no longer safe to do Girhub nor have we no longer any trust in them. See https://mypdns.org/my-privacy-dns/porn-records/-/issues/1347

Octopus - Network Scan/Infos & Web Scan

ConPtyShell - Fully Interactive Reverse Shell for Windows

个人笔记汇总

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

ICP备案查询，可查询企业或域名的ICP备案信息，自动完成滑动验证，保存结果到Excel表格，适用于2022年新版的工信部备案管理系统网站，告别频繁拖动验证，以及某站*工具要开通VIP才可查看备案信息的坑

Project dedicated to fight Layer 7 DDoS with proof of work, featuring an additional WAF. Completed with full set of features and containerized for rapid and lightweight deployment.

Infect Any Android Device With Virus From Link In Termux

Python-based CLI Password Analyser (Reporting Tool)

KInspector is an application for analyzing health, performance and security of your Kentico solution.

This is the official main repository for the Assimilation project

🔎 Find usernames across social networks.

The Pentester's Swiss Army Knife

Linux Driver for USB WiFi Adapters that are based on the RTL8811AU and RTL8821AU Chipsets

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

Python source code auditing and static analysis on a large scale

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Android Apps, Roms and Platforms for Pentesting

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Tool to communicate with RPC services and check misconfigurations on NFS shares

Totally Insecure Web Application Project (TIWAP)

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

集漏洞验证和任务运行的一个框架

Git All the Payloads! A collection of web attack payloads.

A webshell framework for penetration testers.

Tangalanga: the Zoom conference scanner hacking tool

Enables and use of the concept of security in your Delphi applications

Get GTFOBins info about a given exploit from the command line

A Passive DNS backend and collector

Shodan.io connector for Phantom Cyber Security Orchestration

The Lost Nintendo DS Television Output, brought back to life

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).

My notes on PentesterLab's Bootcamp series 🕵️

Scans an internal network using massscan and nmap

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

Scraps for publicly accessible MongoDB instances and dumps user passwords

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Tool to generate smart and powerful wordlists

General stuff for pentesting - password cracking, phishing, automation, Kali, etc.

Calculate fingerprints of a website for OSINT search

Message from Anonymous :)

Check CPAN modules for known security vulnerabilities