2766 Open source projects that are alternatives of or similar to Cloudbrute

Web path scanner

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Turn your VPS into an attack box

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

OSINT

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Hacking Toolkit

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

The Swiss Army knife for automated Web Application Testing

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

📡 A python program to create a fake AP and sniff data.

Extract endpoints from APK files

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Idiomatic nmap library for go developers

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

🔺 Red Team Hardware Toolkit 🔺

RubberDucky like payloads for DigiSpark Attiny85

🌒 Shell command obfuscation to avoid detection systems

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

A tool to fastly get all javascript sources/files

A high performance offensive security tool for reconnaissance and vulnerability scanning

Hawkeye filesystem analysis tool

Yet Another PHP Shell - The most complete PHP reverse shell

Pentesting/Bugbounty Dockerfiles.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

WARP one-click script. Add an IPv4, IPv6 or dual-stack CloudFlare WARP network interface and Socks5 proxy for VPS. 一键脚本

The all-in-one Red Team extension for Web Pentester 🛠

Rockyou for web fuzzing

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Automatically Launch Google Hacking Queries Against A Target Domain

Scan for open AWS S3 buckets and dump the contents

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Set of tools to audit SIP based VoIP Systems

Cameradar hacks its way into RTSP videosurveillance cameras

Collection of quality safety articles. Awesome articles.