2820 Open source projects that are alternatives of or similar to Crithit

pentest framework

Hashcat web interface

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

🎯 Command Injection Payload List

Asynchronous Python implementation of SlowLoris DoS attack

⛔️ offsec batteries included

The ultimate WinRM shell for hacking/pentesting

DNS Rebinding Exploitation Framework

🎯 Server Side Template Injection Payloads

A simple keylogger for Windows, Linux and Mac

Linux命令转发记录

It's a simple tool for test vulnerability shellshock

A Router WiFi key recovery/cracking tool with a twist.

RFD Checker - security CLI tool to test Reflected File Download issues

Scripts to gather system configuration information for offline/remote auditing

备考 OSCP 的各种干货资料/渗透测试干货资料

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Dark Web OSINT Tool

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

Semi-automatic OSINT framework and package manager

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

An OSINT Metadata analyzing tool that filters through tags and creates reports

grep rough audit - source code auditing tool

DeimosC2 is a Golang command and control framework for post-exploitation.

websocket-connection-smuggler

🔐 Security advisories as a simple composer exclusion list, updated daily

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Dump exposed HTTP .git fast

WebShell Backdoor Framework

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Work in progress...

🔓 A dynamic dictionary merger for successful dictionary based attacks.

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Fast browser-based network discovery module

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Providing aid in converting video games.

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

Monitor linux processes without root permissions

My OSCP journey

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Audit tool to find common vulnerabilities in PHP source code

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

The best Hacking and PenTesting tools installer on the world