464 Open source projects that are alternatives of or similar to Baf

Web Recon & Exploitation Tool.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Command line tool that allows you to explore IoT devices by using Shodan API.

Bramble is a hacking Open source suite.

Reconnaissance tool of Penetration test & Bug Bounty

A Python-powered exploitation framework and botnet.

Advanced dork Search & Mass Exploit Scanner

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Discover hidden deepweb pages

A Suite of Tools written in Python for wireless auditing and security testing.

🌸 Interactive shellcoding environment to easily craft shellcodes

Keylogger for mac written in Swift using HID

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

XSHOCK Shellshock Exploit

A Router WiFi key recovery/cracking tool with a twist.

Remote exploitation framework written in Python

记录自己编写、修改的部分工具

bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统

Providing aid in converting video games.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Infoga - Email OSINT

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

fsociety Hacking Tools Pack – A Penetration Testing Framework

🌐 Automatically enumerate and fingerprint SD-WAN nodes on the internet

Awesome tools to exploit Windows !

An offline Wi-Fi Protected Setup brute-force utility

Exploit code for CVE-2016-9066

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

Best DDoS Attack Script Python3, Cyber Attack With 36 Method

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Writeup of CVE-2020-15906

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Security Evaluation of Dynamic Binary Instrumentation Engines

Linux Binary Exploitation

无状态子域名爆破工具

Exploit Pack -The next generation exploit framework

Asynchronous Python implementation of SlowLoris DoS attack

SkyRAT - Powershell Remote Administration Tool

Collection of Scripts for shodan searching stuff.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Web path scanner

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.

A collection where my current and future writeups for exploits/CTF will go

UNIX-like reverse engineering framework and command-line toolset.

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)

Good to know, easy to forget information about binaries and their exploitation!

WebShell Backdoor Framework

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework