639 Open source projects that are alternatives of or similar to Eggshell

Penetration test Achieve Knowledge Unite Rapid Interface

Python AV Evasion Tools

MS17-010: Python and Meterpreter

trolo - an easy to use script for generating Payloads that bypasses antivirus

The all-in-one Red Team extension for Web Pentester 🛠

A simple bash based metasploit automation tool!

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

Credentials Checking Framework

Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation

A tool for generating reverse shell payloads on the fly.

Extract subdomains from SSL certificates in HTTPS sites.

A collection of useful links for Pentesters

Automated Mass Exploiter

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Pentesting suite for Maltego based on data in a Metasploit database

Docker images for infosec tools

整理一些内网常用渗透小工具

TechNowHorse is a RAT (Remote Administrator Trojan) Generator for Windows/Linux systems written in Python 3.

A tool for fuzzing for ports that allow outgoing connections

Yet Another PHP Shell - The most complete PHP reverse shell

Search for Directory Traversal Vulnerabilities

A tool to automate penetration tests

Subaru StarLink persistent root code execution.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

🌒 Shell command obfuscation to avoid detection systems

Web Recon & Exploitation Tool.

HERCULES is a special payload generator that can bypass antivirus softwares.

Wordpress Attack Suite

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Metasploit Cheat Sheet 💣

Most usable tools for iOS penetration testing

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Automation for internal Windows Penetrationtest / AD-Security

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

wifi attacks suite

Attack Surface Management Platform | Sn1perSecurity LLC

Exploit Pack -The next generation exploit framework

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.

Forward shell generation framework

A simple python reverse shell written just for fun.

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Undetectable Windows Payload Generation

Penetration Testing Platform

个人版微信

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique

AIL framework - Analysis Information Leak framework

Reverse Shell as a Service

Reverse-engineering tools and exploits for Samsung's implementation of TrustZone

A documentation about how to hack Minecraft servers

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能