639 Open source projects that are alternatives of or similar to Eggshell

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Golang安全资源合集

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.

Various Metasploit Modules

A simple python reverse shell written just for fun.

A jailbreak tweak to change the stock volume HUD

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

个人版微信

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

AIL framework - Analysis Information Leak framework

venom - shellcode generator/compiler/handler (metasploit)

Reverse Shell as a Service

The Last Web Recon Tool You'll Need

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

fsociety Hacking Tools Pack – A Penetration Testing Framework

Set Instagram backgrounds on iOS

Exploitation and Mitigation Slides

Simple Karma Attack

Advanced dork Search & Mass Exploit Scanner

Awesome tools to exploit Windows !

Browse and search through nmap's NSE scripts.

Power efficient dashboard for Kindle 4 NT devices

MSFvenom Payload Creator (MSFPC)

🔭 A modern, async Ruby gem for Shodan, the world's first search engine for Internet-connected devices.

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

🌸 Interactive shellcoding environment to easily craft shellcodes

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Find exploit tool

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Asynchronous Python implementation of SlowLoris DoS attack

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Turn Flex patches into Theos projects

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

alternative strace for iOS device(64bit) on frida

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Good to know, easy to forget information about binaries and their exploitation!

Linux Binary Exploitation

Privilege Escalation Enumeration Script for Windows

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

🔓Subdomain enumeration and information gathering tool

Blind Attacking Framework

📚 VoidHack CTF write-ups

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Hardening Ubuntu. Systemd edition.

Universal iOS 11 audio visualizer

Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)

Single Page Cheatsheet for common MSF Venom One Liners

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

Web path scanner

Exploit code for CVE-2016-9066