805 Open source projects that are alternatives of or similar to Content Bruteforcing Wordlist

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

Enterprise WPA Wireless Tool Suite

Powershell script to setup windows port forwarding using native netsh client

Gorsair hacks its way into remote docker containers that expose their APIs

WhiteWinterWolf's PHP web shell

Ruby on Rails Phishing Framework

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV

密码生成 flexible and scriptable password dictionary generator which can support brute-force、combination、complex rule mode etc...

exploit

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

A list to discover work of red team tooling and methodology for penetration testing and security assessment

A simple dns resolver of dns-record and web-record log server for pentesting

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

A collection of personal scripts used in hacking excercises.

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

A Powerful Subdomain Takeover Tool

Hacker tools on Go (Golang)

A web front-end for password cracking and analytics

For all your network pentesting needs

OWASP WEB Directory Scanner

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

Lightweight, portable and easy to integrate C directory and file reader

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

(Python) Program to simulate multiple sessions on adidas queue pages.

Automate Pentest Tool

Python network tool, similar to Netcat with custom features.

Automated HTTP Request Repeating With Burp Suite

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

XSHOCK Shellshock Exploit

The best way to scan for weak ssh passwords on your network

JWT brute force cracker written in C

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS

OSINT Tool: Generate username lists for companies on LinkedIn

🔓 A dynamic dictionary merger for successful dictionary based attacks.

Bruteforce attack for Instagram

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Indexes open directories

一个用于识别目标网站是否采用Struts2框架开发的工具demo

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

红队综合渗透框架

A variant of the Largest Area Fit First (LAFF) algorithm + brute force algorithm

The iOS Security Testing Framework

📡 A python program to create a fake AP and sniff data.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

RedSnarf is a pen-testing / red-teaming tool for Windows environments

Python network worm that spreads on the local network and gives the attacker control of these machines.

Human and machine readable web vulnerability testing format

Penetration Testing Platform