506 Open source projects that are alternatives of or similar to Badpods

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Learning Penetration Testing of Android Applications

Scripts I use during pentest engagements.

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Advanced dork Search & Mass Exploit Scanner

Post-Exploitation Framework

Responsive Command and Control System

Infection Monkey - An automated pentest tool

🌸 Interactive shellcoding environment to easily craft shellcodes

Python Books for Security

🆕 The Multi-Tool Web Vulnerability Scanner.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Good to know, easy to forget information about binaries and their exploitation!

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.

Exploit Pack -The next generation exploit framework

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Security Tool to Look For Interesting Files in S3 Buckets

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

A documentation about how to hack Minecraft servers

Web path scanner

A portable console aimed at making pentesting with PowerShell a little easier.

IPv6 attack toolkit

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

UNIX-like reverse engineering framework and command-line toolset.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Ruby on Rails Phishing Framework

Exploitation and Mitigation Slides

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Writeup of CVE-2020-15906

USB Rubber Ducky type scripts written for the DigiSpark.

The Collective. A repo for a collection of red-team projects found mostly on Github.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Remote exploitation framework written in Python

DotDotPwn - The Directory Traversal Fuzzer

Blind Attacking Framework

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

The Offensive Manual Web Application Penetration Testing Framework.

Modern tactical exploitation toolkit.

Reverse-engineering tools and exploits for Samsung's implementation of TrustZone

Security Evaluation of Dynamic Binary Instrumentation Engines

Burp extension to passively scan for applications revealing software version numbers

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

An HTTP/HTTPS intercept proxy written in Go.

An IDA Pro plugin to examine the glibc heap, focused on exploit development

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Work in progress...

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Hack the World using Termux

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

Gives you one-liners that aids in penetration testing operations, privilege escalation and more