688 Open source projects that are alternatives of or similar to Dostoevsky Pentest Notes

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

How to prepare for OSCP complete guide

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

my oscp prep collection

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Linux enumeration tool for pentesting and CTFs with verbosity levels

Automation for internal Windows Penetrationtest / AD-Security

File upload vulnerability scanner and exploitation tool.

Sifter aims to be a fully loaded Op Centre for Pentesters

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Relational database brute force and post exploitation tool for MySQL and MSSQL

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A high performance offensive security tool for reconnaissance and vulnerability scanning

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Automatic SQL injection and database takeover tool

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Automated All-in-One OS Command Injection Exploitation Tool.

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Our OSCP repo: from popping shells to mental health.

Simple Server Side Request Forgery services enumeration tool.

Responsive Command and Control System

无状态子域名爆破工具

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Get GTFOBins info about a given exploit from the command line

Python 3.5+ DNS asynchronous brute force utility

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A curated list of awesome privilege escalation

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

Red Teaming Tactics and Techniques

Powerful Visual Subdomain Enumeration at the Click of a Mouse

备考 OSCP 的各种干货资料/渗透测试干货资料

Monitor linux processes without root permissions

fully automated pentesting tool

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

fireELF - Fileless Linux Malware Framework

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Linux and Windows shellcode enrichment utility

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Everything needed for doing CTFs

Penetration Testing notes, resources and scripts

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Exploit Pack -The next generation exploit framework

A curated list of awesome OSCP resources

Intelligence and Reconnaissance Package/Bundle installer.

Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated using Sublist3r.

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.