1151 Open source projects that are alternatives of or similar to Cve 2016 8610 Poc

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Next generation web scanner

E2guardian is a web content filter that can work in proxy, transparent or icap server modes

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

👻Impost3r -- A linux password thief

RubberDucky like payloads for DigiSpark Attiny85

Relational database brute force and post exploitation tool for MySQL and MSSQL

备考 OSCP 的各种干货资料/渗透测试干货资料

The all-in-one Red Team extension for Web Pentester 🛠

Intelligence and Reconnaissance Package/Bundle installer.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Quick SQL Scanner, Dorker, Webshell injector PHP

generates weak passwords based on current date

A tool for generating reverse shell payloads on the fly.

The LAZY script will make your life easier, and of course faster.

JRuby's OpenSSL gem

SSL Scanner written in Crystal

Tool to communicate with RPC services and check misconfigurations on NFS shares

an easy pentesting tool.

Testing TLS/SSL encryption anywhere on any port

Bifrost C2. Open-source post-exploitation using Discord API

Automate Pentest Tool

🌒 Shell command obfuscation to avoid detection systems

[OBSOLETE] The recipe is now in https://github.com/conan-io/conan-center-index

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

This powershell script has got to run in remote hacked windows host, even for pivoting

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Sifter aims to be a fully loaded Op Centre for Pentesters

test SSL/TLS clients how secure they are

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Web path scanner

Selenium powered Python script to automate searching for vulnerable web apps.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Build latest OpenSSL binary

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

A REST API security testing framework.

Quickly analyze and reverse engineer Android packages

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Multi OTP Spam Amp/Paralell threads

👻Stowaway -- Multi-hop Proxy Tool for pentesters

OpenSSL bindings for Go

A curated list of awesome privilege escalation

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Automatically Launch Google Hacking Queries Against A Target Domain

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Python3 tool to perform password spraying using RDP

Attack Surface Management Platform | Sn1perSecurity LLC

Fast directory scanning and scraping tool

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Check SSL certificate expiration date of a list of sites.

Penetration Testing notes, resources and scripts

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.