398 Open source projects that are alternatives of or similar to Crackmapextreme

A tool to abuse Exchange services

Adds a customizable "Send to..."-context-menu to your BurpSuite.

A tool to test security of json web token

A tool to hunt for publicly accessible DigitalOcean Spaces

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Encoder to bypass WAF filters using XOR operations

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

A simple dns resolver of dns-record and web-record log server for pentesting

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

An evil RAT (Remote Administration Tool) for macOS / OS X.

Set of tools to audit SIP based VoIP Systems

Study Notes For Web Hacking / Web安全学习笔记

Human and machine readable web vulnerability testing format

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Linux enumeration tool for pentesting and CTFs with verbosity levels

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

my oscp prep collection

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Ransom0 is a open source ransomware made with Python, designed to find and encrypt user data.

A wrapper for Nmap to quickly run network scans

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

SSRF (Server Side Request Forgery) testing resources

Centralize Vulnerability Assessment and Management for DevSecOps Team

Powerful Visual Subdomain Enumeration at the Click of a Mouse

File upload vulnerability scanner and exploitation tool.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

📡 A python program to create a fake AP and sniff data.

The ultimate WinRM shell for hacking/pentesting

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

A Cloudflare resolver that works

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

🚀 Fast Port Scanner 🚀

Elasticsearch for Offensive Security

Red Teaming Tactics and Techniques

EmbedOS - Embedded security testing virtual machine

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Network protocol auditing framework

A collection of useful scripts for Cobalt Strike

Windows one line commands that make life easier, shortcuts and command line fu.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Know the dangers of credential reuse attacks.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight