778 Open source projects that are alternatives of or similar to Chashell

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

基于Threathunting-book基础上完善的狩猎视角红队handbook

E-mails, subdomains and names Harvester - OSINT

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Assist reverse tcp shells in post-exploration tasks

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

fireELF - Fileless Linux Malware Framework

Simple DLL that add a user to the local Administrators group

Hacker101 CTF Writeup

A multi-platform HTTP(S) Reverse Shell Server and Client in Python 3

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.

Blind WAF identification tool

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

Automatically Launch Google Hacking Queries Against A Target Domain

OWASP WEB Directory Scanner

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Open Redirect Payloads

This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.

Next generation web scanner

Active Directory ACL Visualizer and Explorer - who's really Domain Admin?

Automated Red Team Infrastructure deployement using Docker

Bluetooth reverse shell.

Jam all wifi clients/routers.

Astra is a tool to find URLs and secrets inside a webpage/files

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

An automated approach to performing recon for bug bounty hunting and penetration testing.

Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.

Tool to communicate with RPC services and check misconfigurations on NFS shares

Goca Scanner

Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes

AV Evasion Tool For Red Team Ops

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.

An introduction to security for developers.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

A framework for Backdoor development!

Little Bug Bounty & Hacking Tools⚔️

Free advanced and modern Windows botnet with a nice and secure PHP panel.

Fast and intuitive manager for multiple reverse shells

Web path scanner

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

SIP-Based Audit and Attack Tool

No description or website provided.

Quickly analyze and reverse engineer Android packages

Pentest/BugBounty progress control with scanning modules

Custom security distro for remote penetration testing

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

一款可以检测WEB蜜罐并阻断请求的Chrome插件，能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

📂 Source Code for (some of) the Programming Tutorials from my Italian YouTube Channel and website ProgrammareInPython.it. This is just a small portion of the content: please visit the website for more.

Writing custom backdoor payloads with C# - Defcon 27 Workshop

🔨 Manage your website via terminal

Designed to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.

JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)