538 Open source projects that are alternatives of or similar to Credsleaker

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

It's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Pentesting/Bugbounty Dockerfiles.

Orwell is a RAT and Botnet designed as a trio of programs by Landon Powell.

泰阿安全实验室-基于XUbuntu私人订制的红蓝对抗渗透操作系统

LLMNR/NBNS/mDNS Spoofing Detection Toolkit

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

Nuclei templates for K8S security scanning

New UAC bypass for Silent Cleanup for CobaltStrike

渗透测试☞经验/思路/总结/想法/笔记

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Execute ELF files without dropping them on disk

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

🔎 Find usernames across social networks

Monitor Certificate Transparency Logs For Phishing Domains

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

📡 A python program to create a fake AP and sniff data.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

A scanner for Moodle LMS

automated password spraying tool

Exploit Development, Reverse Engineering & Cryptography

sub domain wild card filtering tool

This is the list of all rootkits found so far on github and other sites.

Threat Hunting queries for various attacks

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Python bindings for Yeti's API

Utilities for MITRE™ ATT&CK

Automatic Reverse Shell Generator

Anti-keylogger/anti-rat application for Windows

Python AV Evasion Tools

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

SEC分布式资产扫描系统

A toolkit for Security Researchers

使用Go语言编写的社工字典生成器(The social engineering dictionary generator written by Go)

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Create a QR code with your Wi-Fi login details

备考 OSCP 的各种干货资料/渗透测试干货资料

Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

A PowerShell module to deploy active directory decoy objects.

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Argus Advanced Remote & Local Keylogger For macOS and Windows

被动式漏洞扫描系统

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

Load shellcode into a new process

A collection of various GitHub gists for hackers, pentesters and security researchers

DDTTX Tabletop Trainings

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Bloodhound for Blue and Purple Teams

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Open source pre-operation C2 server based on python and powershell

PowerShell framework to assess Azure security

Multi Tool Subdomain Enumeration

Generate credentials for Opera's "browser VPN"

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…