1192 Open source projects that are alternatives of or similar to conti-pentester-guide-leak

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Information Security Library

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Attack Surface Management Platform | Sn1perSecurity LLC

A collection of some of my scripts

WiFi Penetration Testing Guide

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

A concise, directive, specific, flexible, and free incident response plan template

Dorothy is a tool to test security monitoring and detection for Okta environments

Functions that can be used to gain Reverse Shells with PowerShell

🔑 Hash type identifier (CLI & lib)

Argus Advanced Remote & Local Keylogger For macOS and Windows

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Offensive Reverse Shell (Cheat Sheet)

🎯 XML External Entity (XXE) Injection Payload List

WebMap-Nmap Web Dashboard and Reporting

An advanced tool for email reconnaissance

A collection of awesome security hardening guides, tools and other resources

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Vulnerability Dashboard

Awesome Node.js Security resources

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

An ongoing list of virtual cybersecurity conferences.

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

Threat Hunting queries for various attacks

Collection of several DDos tools.

This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

GUI based offensive penetration testing tool (Open Source)

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.

Wireshark Cheat Sheet

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

The Collective. A repo for a collection of red-team projects found mostly on Github.

VirusTotal Wanna Be - Now with 100% more Hipster

A toolkit for Security Researchers

Responsive Command and Control System

internet monitoring osint telegram bot for windows

Don't Just Search OSINT. Sweep It.

Notes Taken for HTB Machines & InfoSec Community.

Monitoring GitLab for sensitive data shared publicly

Bringing you the best of the worst files on the Internet.

🔐 Docker Container for Penetration Testing & Security

OWASP Honeypot, Automated Deception Framework.

Notes Taken for HTB Machines & InfoSec Community.

Monitoring your Slack workspaces for sensitive information

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Malware Sample Sources

You didn't think I'd go and leave the blue team out, right?

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>