779 Open source projects that are alternatives of or similar to Burp Suite Error Message Checks

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

渗透测试☞经验/思路/总结/想法/笔记

A default credential scanner.

Post-Exploitation 😎 module for Penetration Tester and Hackers.

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

🥀 Search Engine Tookit，URL采集、Favicon哈希值查找真实IP、子域名查找

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

A fully featured Windows backdoor that uses Gmail as a C&C server

A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams

Automated Red Team Infrastructure deployement using Docker

Everything needed for doing CTFs

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

linux-kernel-exploits Linux平台提权漏洞集合

Reverse shell manager using tmux and ncat

online port scan scraper

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

The SpecterOps project management and reporting engine

用于记录内网渗透(域渗透)学习 :-)

An iOS Security assessment app for jailbroken iOS Devices.

Tool Information Gathering Write By Python.

cobaltstrike ms17-010 module and some other

A collection of resources I'm using while working toward the OSCP

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

A MongoDB importer and API for Project Sonars DNS datasets

An HTTP/HTTPS intercept proxy written in Go.

d(ockerp)wn - a docker pwn tool manager

红蓝对抗跨平台远控工具

Framework for rapid development and reusable of security tools

Powerful plugins and add-ons for hackers

Scan for and exploit Consul agents

An advanced tool for email reconnaissance

Python AV Evasion Tools

A Python-powered exploitation framework and botnet.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

scripts to setup pentesting system and use during pentest

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Android application for scanning and managing documents.

Burpsuite-Plugins-Usage

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

It's a Docker Environment for pentesting which having all the required tool for VAPT.

intercepting kali router

Python-based CLI Password Analyser (Reporting Tool)

Generate Gmail Emailing Keyloggers to Windows.

🤖 The Modern Port Scanner 🤖

A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.

C2/post-exploitation framework

🙃 Reverse Shell Cheat Sheet 🙃

An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A list of resources for those interested in getting started in bug bounties

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

A Powershell client for dnscat2, an encrypted DNS command and control tool.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques