787 Open source projects that are alternatives of or similar to Darkspiritz

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

The LAZY script will make your life easier, and of course faster.

备考 OSCP 的各种干货资料/渗透测试干货资料

A tool to test security of json web token

hydra

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A wrapper for Nmap to quickly run network scans

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

A tool to automate penetration tests

Attack Surface Management Platform | Sn1perSecurity LLC

Yet Another PHP Shell - The most complete PHP reverse shell

Hacking Toolkit

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Web path scanner

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

🔐 Docker Container for Penetration Testing & Security

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Automation for internal Windows Penetrationtest / AD-Security

A collection of public offensive and defensive security related scripts for InfoSec students.

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

The Collective. A repo for a collection of red-team projects found mostly on Github.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A fast web directory/file enumeration tool written in Rust

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

unix SSH post-exploitation 1337 tool

The all-in-one Red Team extension for Web Pentester 🛠

🔄 A collection of mitmproxy inline scripts

Set of tools to audit SIP based VoIP Systems

my oscp prep collection

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Generates malicious LNK file payloads for data exfiltration

SSRF (Server Side Request Forgery) testing resources

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Code from Blackhat Python book

🔪 Leak git repositories from misconfigured websites

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Pentesting suite for Maltego based on data in a Metasploit database

Vagrant VirtualBox environment for conducting an internal network penetration test

Study Notes For Web Hacking / Web安全学习笔记

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Domain name permutation engine written in Go

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Automated Security Testing For REST API's