452 Open source projects that are alternatives of or similar to Cobaltstrike Ms17 010

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Script collection to bypass Network Access Control (NAC, 802.1x)

Offensive Reverse Shell (Cheat Sheet)

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

Webshell Manager

Scan for and exploit Consul agents

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

🌒 Shell command obfuscation to avoid detection systems

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Passwords Recovery Tool

A list of payload and bypass lists for penetration testing and red team infrastructure build.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Hershell is a simple TCP reverse shell written in Go.

Collection of quality safety articles. Awesome articles.

Python AV Evasion Tools

Overlord - Red Teaming Infrastructure Automation

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Pentest/BugBounty progress control with scanning modules

WireBug is a toolset for Voice-over-IP penetration testing

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Selenium powered Python script to automate searching for vulnerable web apps.

Yet Another PHP Shell - The most complete PHP reverse shell

Goca Scanner

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

A collection of Cobalt Strike aggressor scripts

Password-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/

A Tool for Domain Flyovers

A (partial) Python rewriting of PowerSploit's PowerView

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.

一款适用于红蓝对抗中的仿真钓鱼系统

BadAssMacros - C# based automated Malicous Macro Generator.

Multi OTP Spam Amp/Paralell threads

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

LD_PRELOAD rootkit

all paths lead to clouds

Misc. Public Reports of Penetration Testing and Security Audits.

Projects for security students

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

Discord C2 for Redteam....Need a better name

🙃 Reverse Shell Cheat Sheet 🙃

Next generation web scanner

Free advanced and modern Windows botnet with a nice and secure PHP panel.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Ladon Moudle MS17010 Exploit for PowerShell

Assist reverse tcp shells in post-exploration tasks

Functions that can be used to gain Reverse Shells with PowerShell

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

一款可以检测WEB蜜罐并阻断请求的Chrome插件，能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api

SIP-Based Audit and Attack Tool

Search for Unix binaries that can be exploited to bypass system security restrictions.

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.