767 Open source projects that are alternatives of or similar to Blackhat Python Book

Web Content Discovery Tool

SSH man-in-the-middle tool

Hardening Ubuntu. Systemd edition.

Penetration Testing Notes and Playbook (PTP)

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

A fast web directory/file enumeration tool written in Rust

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

fully automated pentesting tool

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Advanced vulnerability scanning with Nmap NSE

Python script wrote to automate the process of generating various reverse shells.

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Erlang port of famous radamsa fuzzzer.

Firmware Analysis and Comparison Tool

Automation for internal Windows Penetrationtest / AD-Security

The ultimate WinRM shell for hacking/pentesting

Python3 script to parse txt files containing Mimikatz output

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Web hacking framework with tools, exploits by python

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Open source all-in-one CLI tool to semi-automate pentesting.

Simple Karma Attack

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

📡 A python program to create a fake AP and sniff data.

Browse and search through nmap's NSE scripts.

WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS

Tool for complete hardening of Linux boot chain with UEFI Secure Boot

🔨 A modern multiple reverse shell sessions manager wrote in go

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

Hack the World using Termux

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Tool to automate common OSINT tasks

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

Awesome hacking is an awesome collection of hacking tools.

Micro-framework for rapid development of reusable security tools

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

A script written lazily for generating cross-platform backdoors on the go :)

⛔️ offsec batteries included

Human and machine readable web vulnerability testing format

My OSCP journey

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

A swiss army knife for pentesting networks

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

mXtract - Memory Extractor & Analyzer

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

👀👮🐢🔥Performs a privacy & security check of Windows 10

Simple Server Side Request Forgery services enumeration tool.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

A .NET Standard library for pentesting web apps against credential stuffing attacks.

Privilege Escalation Enumeration Script for Windows