787 Open source projects that are alternatives of or similar to Darkspiritz

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

C2/post-exploitation framework

IPv6 attack toolkit

dnsub一款好用的子域名扫描工具

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

VOIP Security Audit Framework

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

MSDAT: Microsoft SQL Database Attacking Tool

WhiteWinterWolf's PHP web shell

Abusing Impersonation Privileges on Windows 10 and Server 2019

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Common password pattern generator using strings list

Infection Monkey - An automated pentest tool

The New Hacking Framework

DeepSea Phishing Gear

A swiss army knife for pentesting networks

🔨 A modern multiple reverse shell sessions manager wrote in go

Intelligence and Reconnaissance Package/Bundle installer.

mXtract - Memory Extractor & Analyzer

Advanced Web Shell

A penetration testing tool for finding file upload bugs (NDSS 2020)

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

A container repository for my public web hacks!

An automated e-mail OSINT tool

retrieve information via O365 with a valid cred

Notes for taking the OSCP in 2097. Read in book form on GitBook

mosquito - Automating reconnaissance and brute force attacks

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A collection of Ansible roles for automating infosec builds.

⚡️An awesome list of the best Termux hacking tools

Fast Modular Web Interfaces Bruteforcer

[POC] Asynchronous reverse shell using the HTTP protocol.

Script to automate PUT HTTP method exploitation to get shell

File upload vulnerability scanner and exploitation tool.

红队综合渗透框架

WeirdAAL (AWS Attack Library)

Powershell script to setup windows port forwarding using native netsh client

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

SSH man-in-the-middle tool

An information gathering tool to collect git commit emails in version control host services

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

fully automated pentesting tool

Python script wrote to automate the process of generating various reverse shells.

A collection of manifests that will create pods with elevated privileges.

foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Penetration tests guide based on OWASP including test cases, resources and examples.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.