382 Open source projects that are alternatives of or similar to Enigma

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Git All the Payloads! A collection of web attack payloads.

A list of payload and bypass lists for penetration testing and red team infrastructure build.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

A collection of various GitHub gists for hackers, pentesters and security researchers

Penetration tests guide based on OWASP including test cases, resources and examples.

Open source all-in-one CLI tool to semi-automate pentesting.

The ultimate WinRM shell for hacking/pentesting

Offensive tools as Dockerfiles. Lightweight & Ready to go

Hooks in to interesting functions and helps reverse the web app faster.

A tool to test security of json web token

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

A Cloudflare resolver that works

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

A polyglot payload generator

C2Hack, sharing tips and tricks for pentesters

SSRF (Server Side Request Forgery) testing resources

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

scan for NTLM directories

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Set of tools to audit SIP based VoIP Systems

ARCANUS is a customized payload generator/handler.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

A Undetectable Payload Generation

Python Remote Administration Tool (RAT)

🔐 Docker Container for Penetration Testing & Security

some pentest scripts & tools by [email protected]

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

nray distributed port scanner

Passwords Recovery Tool

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Intelligence and Reconnaissance Package/Bundle installer.

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Metasploit Cheat Sheet 💣

Vulnerability Recurrence:漏洞复现记录

XSS'OR - Hack with JavaScript.

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

SMB Relay Attack Script

Bruteforce HTTP Authentication

Translator from USB-Rubber-Ducky payloads to a Digispark code.

Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

Headless CMS and Application Framework built with Node.js, React and MongoDB

Docker images for infosec tools

DLL Password Filter Implant with Exfiltration Capabilities

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Wavestone's web interface for password cracking with hashcat

Go-deliver is a payload delivery tool coded in Go.

Collection of quality safety articles. Awesome articles.

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network