2096 Open source projects that are alternatives of or similar to Covertutils

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

An evil RAT (Remote Administration Tool) for macOS / OS X.

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Open-Source Ransomware As A Service for Linux, MacOS and Windows

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

This is the ToRat client, a part of the ToRat Project.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Steganography brute-force utility to uncover hidden data inside files

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

s2n : an implementation of the TLS/SSL protocols

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Go-deliver is a payload delivery tool coded in Go.

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

RubberDucky like payloads for DigiSpark Attiny85

Sifter aims to be a fully loaded Op Centre for Pentesters

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

The all-in-one Red Team extension for Web Pentester 🛠

A backdoor with a multitude of features.

Generates malicious LNK file payloads for data exfiltration

This is a Platform that collects all the data accuring in your Application and shows the data in real time by using Kibana or other tools.

Penelope Shell Handler

Hardware-based SSH/PGP agent

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Reverse Shell as a Service

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.

Relational database brute force and post exploitation tool for MySQL and MSSQL

备考 OSCP 的各种干货资料/渗透测试干货资料

[POC] Asynchronous reverse shell using the HTTP protocol.

Handle streaming XML data with declarative, composable parsers

Free open source cross platform password manager

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

封装多种CTF和平时常见加密及编码C#类库

IOStreams is an incredibly powerful streaming library that makes changes to file formats, compression, encryption, or storage mechanism transparent to the application.

Works cool: I use a secure app to chat. Next level: I encrypt my chats with a private key. Intergalactic level: I encrypt my chats with a one-time token and then make them deceptively public ;)

A curated list of cryptography resources and links.

trolo - an easy to use script for generating Payloads that bypasses antivirus

ARCANUS is a customized payload generator/handler.

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

venom - shellcode generator/compiler/handler (metasploit)

This repository contains full code examples from the book Gray Hat C#

Yet Another PHP Shell - The most complete PHP reverse shell

Pakkero is a binary packer written in Go made for fun and educational purpose. Its main goal is to take in input a program file (elf binary, script, even appimage) and compress it, protect it from tampering and intrusion.

Search for Unix binaries that can be exploited to bypass system security restrictions.

Spritz encryption system portable C library, CSPRNG, cryptographic hash and MAC functions, symmetric-key data encryption, and general-purpose functions. It's also an Arduino library.

HElib is an open-source software library that implements homomorphic encryption. It supports the BGV scheme with bootstrapping and the Approximate Number CKKS scheme. HElib also includes optimizations for efficient homomorphic evaluation, focusing on effective use of ciphertext packing techniques and on the Gentry-Halevi-Smart optimizations.

🔨 A modern multiple reverse shell sessions manager wrote in go

The LAZY script will make your life easier, and of course faster.

💢 Create a swarm of p2p connections with invited peers using WebRTC.

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Peer-to-peer encrypted message exchange