2820 Open source projects that are alternatives of or similar to Crithit

A curated list of awesome OSCP resources

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Open-Source Security Architecture | 开源安全架构

A default credential scanner.

Dump exposed HTTP .git fast

An HTTP/HTTPS intercept proxy written in Go.

A shell script that automatically performs a series of *NIX enumeration tasks.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

👥😈 Infect a pc with badusb and establish a connection through telegram.

Automated brute-forcing attack tool.

Automatically brute force all services running on a target.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Code from Blackhat Python book

web scanner - exploitation - information gathering

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Keylogger for mac written in Swift using HID

Find web directories without bruteforce

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

websocket-connection-smuggler

A simple keylogger for Windows, Linux and Mac

Providing aid in converting video games.

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

Discover hidden deepweb pages

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

NebulousAD automated credential auditing tool.

This challenge is Inon Shkedy's 31 days API Security Tips.

Simple Server Side Request Forgery services enumeration tool.

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

A collection of response templates for invalid bug bounty reports.

pentest framework

RubberDucky like payloads for DigiSpark Attiny85

Asynchronous Python implementation of SlowLoris DoS attack

Linux命令转发记录

⛔️ offsec batteries included

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

My OSCP journey

It's a simple tool for test vulnerability shellshock

An open source batch script based WiFi Passview for Windows!

Scripts to gather system configuration information for offline/remote auditing

RFD Checker - security CLI tool to test Reflected File Download issues

Python library and CLI for the Bug Bounty Recon API

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

This is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Repositório com conteúdo sobre web hacking em português

WebShell Backdoor Framework

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

A Router WiFi key recovery/cracking tool with a twist.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

The all-in-one Red Team extension for Web Pentester 🛠

XSHOCK Shellshock Exploit

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Work in progress...

🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.