505 Open source projects that are alternatives of or similar to East

Automated Cyber Offense

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

#INFILTRATE19 raptor's party pack

Penetration Testing Platform

Cybersecurity stuff for both the blue team and the red team, mostly red though.

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

GoPhish Templates that I have retired and/or templates I've recreated.

It's a Docker Environment for pentesting which having all the required tool for VAPT.

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Discover Your Attack Surface!

Multi source CVE/exploit parser.

Automated Penetration Testing Framework

Python-based CLI Password Analyser (Reporting Tool)

Burp extension to passively scan for applications revealing software version numbers

台大 計算機安全 - Pwn 簡報、影片、作業題目與解法 - Computer Security Fall 2019 @ CSIE NTU Taiwan

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

It records your terminal, then lets you upload to ASHIRT

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

Bifrost C2. Open-source post-exploitation using Discord API

Collection of tips, tools and tutorials around infosec

A dictionary attack tool for PostgreSQL and MSSQL

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).

Collect email addresses by crawling search engine results.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Argus Advanced Remote & Local Keylogger For macOS and Windows

A repository of tools for pentesting of restricted and isolated environments.

Backend logic implementation for Vulnerability Management System

Offensive Reverse Shell (Cheat Sheet)

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

Self contained htaccess shells and attacks

Some exploits, which I’ve created during my OSCE preparation.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Red Teaming Tactics and Techniques

Gorsair hacks its way into remote docker containers that expose their APIs

🍪 Flask Session Cookie Decoder/Encoder

IPv6 attack toolkit

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

Automated script to run all modules for a specified list of domains, netblocks or company name

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

A place where I can create, collect and share tooling, resources and knowledge about information security.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

USB Rubber Ducky type scripts written for the DigiSpark.

Experiments on C/C++ Exploits

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Leaked pentesting manuals given to Conti ransomware crooks

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Top 100 Hacking & Security E-Books (Free Download)