382 Open source projects that are alternatives of or similar to Enigma

A list of resources for those interested in getting started in bug bounties

自己收集整理自用的字典

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

ARCANUS is a customized payload generator/handler.

This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.

Webshell Manager

MSFvenom Payload Creator (MSFPC)

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

cve-2019-0604 SharePoint RCE exploit

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

A Undetectable Payload Generation

Pentest environment deployer (kali linux + targets) using vagrant and chef.

Hide your payload into .jpg file

windows-kernel-exploits Windows平台提权漏洞集合

OWASP WEB Directory Scanner

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Python Remote Administration Tool (RAT)

Automate Pentest Tool

Fast and lightweight yet another UEFI implementation

A curated list of awesome OSCP resources

Hooks in to interesting functions and helps reverse the web app faster.

HERCULES is a special payload generator that can bypass antivirus softwares.

Burp Bounty profiles compilation, feel free to contribute!

🔐 Docker Container for Penetration Testing & Security

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Penetration Testing notes, resources and scripts

🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.

Hershell is a simple TCP reverse shell written in Go.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Automatically Launch Google Hacking Queries Against A Target Domain

Find exploits in local and online databases instantly

The Web Application Hacker's Handbook - Extra Content

nray distributed port scanner

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Pentest Report Generator

Passwords Recovery Tool

A curated list of awesome privilege escalation

RFD Checker - security CLI tool to test Reflected File Download issues

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Automatic SSRF fuzzer and exploitation tool

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Simple Karma Attack

An Advanced Tool For Complete Apk-Modding In Termux ...

Tool for catching and logging different types of requests.