398 Open source projects that are alternatives of or similar to Brute

Collection of pentesting scripts

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Open-Source Ransomware As A Service for Linux, MacOS and Windows

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Extract endpoints from APK files

A fast DOM based XSS vulnerability scanner with simplicity.

Python3 tool to perform password spraying using RDP

swiss army knife for hackers

THE ESP8266 HONEYPOT

Idiomatic nmap library for go developers

Tactics, Techniques, and Procedures

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Burpsuite-Plugins-Usage

A tool to automate penetration tests

A framework for Backdoor development!

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

🤖 The Modern Port Scanner 🤖

Hetty is an HTTP toolkit for security research.

Sifter aims to be a fully loaded Op Centre for Pentesters

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Steganography brute-force utility to uncover hidden data inside files

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Quickly analyze and reverse engineer Android packages

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Intelligence tool but without API key

Easy files and payloads delivery over DNS

Automatic SQL injection and database takeover tool

👻 A LAN dropbox chatbot controllable via Telegram

A curated list of awesome privilege escalation

OSINT

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Extract subdomains from SSL certificates in HTTPS sites.

Automatically Launch Google Hacking Queries Against A Target Domain

This is a multi-use bash script for Linux systems to audit wireless networks.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Python 3.5+ DNS asynchronous brute force utility

Web Pentesting Fuzz 字典,一个就够了。

DNS Rebinding Exploitation Framework

This repository contains full code examples from the book Gray Hat C#

Open Redirect Payloads

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

My own OSCP guide

fireELF - Fileless Linux Malware Framework

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

👻Impost3r -- A linux password thief