1517 Open source projects that are alternatives of or similar to Badkarma

🔖 Modern Javascript keylogger with web panel

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Work in progress...

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

Search shodan without any knowledge about its queries

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Multi source CVE/exploit parser.

Captive wifi hotspot bypass tool for Linux

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

HOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Hacking Tools Z0172CK

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

Automated Pentest Tools Designed For Parrot Linux

Quick SQL Scanner, Dorker, Webshell injector PHP

Related subdomains finder

REST API backend for Reconmap

OneForAll是一款功能强大的子域收集工具

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

XSHOCK Shellshock Exploit

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Automated Web Recon Shell Scripts

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

No description or website provided.

An nmap wrapper library for .NET

Go library for credentials recovery

SSH man-in-the-middle tool

🔪 Leak git repositories from misconfigured websites

my oscp prep collection

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

OSINT Tool: Generate username lists for companies on LinkedIn

Track any ip address with IP-Tracker. IP-Tracker is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracker.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

A compilation of network scanning strategies to find vulnerable devices

Provides various Windows Server Active Directory (AD) security-focused reports.

📡 A python program to create a fake AP and sniff data.

Bash script that automates the enumeration of domains and DNS servers in the active information gathering.

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

Hacking Tools

Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.

Hacking, pen-testing, and cyber-security related tools built with Python.

BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)

CMS auto detect and exploit.

Overlord - Red Teaming Infrastructure Automation

🥀 Search Engine Tookit，URL采集、Favicon哈希值查找真实IP、子域名查找

Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.