749 Open source projects that are alternatives of or similar to Bella

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

备考 OSCP 的各种干货资料/渗透测试干货资料

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

An evil RAT (Remote Administration Tool) for macOS / OS X.

Sifter aims to be a fully loaded Op Centre for Pentesters

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Relational database brute force and post exploitation tool for MySQL and MSSQL

A framework for Backdoor development!

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

Go-deliver is a payload delivery tool coded in Go.

Automation for internal Windows Penetrationtest / AD-Security

Python3 script to parse txt files containing Mimikatz output

HTML5 based online tool to extract numerical data from plot images.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A Python3 based single-file subdomain enumerator

📝 Подборка ресурсов по машинному обучению

Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.

WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS

BlackRAT - Java Based Remote Administrator Tool

EmbedOS - Embedded security testing virtual machine

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A container repository for my public web hacks!

Exploit pack for pentesters and ethical hackers.

A Python Package for Monitoring Seismic Velocity Changes using Ambient Seismic Noise | http://www.msnoise.org

Python implementation of frequent subgraph mining algorithm gSpan. Directed graphs are supported.

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

unix SSH post-exploitation 1337 tool

Daggy - Data Aggregation Utility. Open source, free, cross-platform, server-less, useful utility for remote or local data aggregation and streaming

small python3 tool to check common vulnerabilities in SMTP servers

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

💾 🧮 🤯 Parse the 'git log' of multiple repos to 'JSON'

Reverse Shell as a Service

my oscp prep collection

A collection of public offensive and defensive security related scripts for InfoSec students.

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

The Collective. A repo for a collection of red-team projects found mostly on Github.

Explore high-dimensional datasets and how your algo handles specific regions.

2017京东金融全球数据探索者大赛(3rd place)

This mathematics course is taught for the first year Ph.D. students of computer science and related areas @ZJU

Graph Sampling is a python package containing various approaches which samples the original graph according to different sample sizes.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

[Data Castle 算法竞赛] 精品旅行服务成单预测 final rank 11

Highly cited and useful papers related to machine learning, deep learning, AI, game theory, reinforcement learning

🔪 Leak git repositories from misconfigured websites

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Fast Modular Web Interfaces Bruteforcer

A set of recipes useful in pentesting and red teaming scenarios

Dex : The Data Explorer -- A data visualization tool written in Java/Groovy/JavaFX capable of powerful ETL and publishing web visualizations.

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

Responsive Command and Control System

2017-CCF-BDCI-企业经营退出风险预测：9th/569 (Top 1.58%)