1059 Open source projects that are alternatives of or similar to Evil Ssdp

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Fast browser-based network discovery module

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

A curated list of awesome OSCP resources

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

A simple keylogger for Windows, Linux and Mac

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

An HTTP/HTTPS intercept proxy written in Go.

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Fast Modular Web Interfaces Bruteforcer

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

Awesome Vulnerable Applications

The Collective. A repo for a collection of red-team projects found mostly on Github.

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

SSH man-in-the-middle tool

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A collection of public offensive and defensive security related scripts for InfoSec students.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Code from Blackhat Python book

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Linux enumeration tool for pentesting and CTFs with verbosity levels

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

A collection of various awesome lists for hackers, pentesters and security researchers

Awesome hacking is an awesome collection of hacking tools.

📡 A python program to create a fake AP and sniff data.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Set of tools to audit SIP based VoIP Systems

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Content for hackingthe.cloud

A collection of personal scripts used in hacking excercises.

A Tools Session Hijacking And Stealer Local Passcode Telegram Windows

A collection of hacking / penetration testing resources to make you better!

A tool to test security of json web token

The ultimate WinRM shell for hacking/pentesting

A wrapper for Nmap to quickly run network scans

A simple dns resolver of dns-record and web-record log server for pentesting

Don't let buffer overflows overflow your mind

Know the dangers of credential reuse attacks.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.