7859 Open source projects that are alternatives of or similar to Defaultcreds Cheat Sheet

Collection of several DDos tools.

Little Bug Bounty & Hacking Tools⚔️

Malware Sample Sources

Pentester's Promiscuous Notebook

Provides various Windows Server Active Directory (AD) security-focused reports.

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

The Biggest Scala Cheat-Sheet.

Automated NoSQL database enumeration and web application exploitation tool.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

A set of recipes useful in pentesting and red teaming scenarios

VirusTotal Wanna Be - Now with 100% more Hipster

sub domain wild card filtering tool

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

渗透测试☞经验/思路/总结/想法/笔记

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Bifrost C2. Open-source post-exploitation using Discord API

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.

XSS in pastebin.com and reddit.com via unsanitized markdown output

Argus Advanced Remote & Local Keylogger For macOS and Windows

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

Reverse Shell as a Service

A Python3 based single-file subdomain enumerator

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Do some quick reconnaissance on a domain-based web-application

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

Repository of my CTF writeups

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Penetration tests guide based on OWASP including test cases, resources and examples.

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

An automated approach to performing recon for bug bounty hunting and penetration testing.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Next generation web scanner

A Lambda-powered Security Orchestration framework for AWS GuardDuty

This repository contains full code examples from the book Gray Hat C#

Secret and/ credential patterns used for gf.

cve-2019-0604 SharePoint RCE exploit

Scan for open AWS S3 buckets and dump the contents

Basic Cheat Sheet for Python (PDF, Markdown and Jupyter Notebook)

A tool to automate penetration tests

A container repository for my public web hacks!

This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.

Notes about attacking Jenkins servers

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Webshell Manager

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Fast Modular Web Interfaces Bruteforcer

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

A complete machine vision container that includes Jupyter notebooks with built-in code hinting, Anaconda, CUDA-X, TensorRT inference accelerator for Tensor cores, CuPy (GPU drop in replacement for Numpy), PyTorch, TF2, Tensorboard, and OpenCV for accelerated workloads on NVIDIA Tensor cores and GPUs.

A tool to check a bunch of URLs that contain reflecting params.