767 Open source projects that are alternatives of or similar to Blackhat Python Book

Penetration Testing notes, resources and scripts

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Infection Monkey - An automated pentest tool

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

NetCat for Windows

hydra

A simple tool for interacting with OWASP ZAP from the commandline.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

🔐 Docker Container for Penetration Testing & Security

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Useful tools and scripts during Penetration Testing engagements

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Attack Surface Management Platform | Sn1perSecurity LLC

Web path scanner

Gorsair hacks its way into remote docker containers that expose their APIs

备考 OSCP 的各种干货资料/渗透测试干货资料

A web front-end for password cracking and analytics

🔪 Leak git repositories from misconfigured websites

The Collective. A repo for a collection of red-team projects found mostly on Github.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

A tool to test security of json web token

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

Dradis Framework: Colllaboration and reporting for IT Security teams

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Sifter aims to be a fully loaded Op Centre for Pentesters

OSINT Tool: Generate username lists for companies on LinkedIn

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Ruby on Rails Phishing Framework

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Hacking Toolkit

A curated list of awesome OSCP resources

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Steganography brute-force utility to uncover hidden data inside files

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

A collection of public offensive and defensive security related scripts for InfoSec students.

A collection of Ansible roles for automating infosec builds.

Automated Security Testing For REST API's

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Study Notes For Web Hacking / Web安全学习笔记

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Idiomatic nmap library for go developers

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

my oscp prep collection

A wrapper for Nmap to quickly run network scans