1058 Open source projects that are alternatives of or similar to Evil Winrm

Automatically Launch Google Hacking Queries Against A Target Domain

Set of tools to audit SIP based VoIP Systems

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Next generation web scanner

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Fast Modular Web Interfaces Bruteforcer

A curated list of awesome privilege escalation

Vagrant VirtualBox environment for conducting an internal network penetration test

Quickly analyze and reverse engineer Android packages

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Penetration Testing notes, resources and scripts

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Hacking Toolkit

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

A curated list of awesome OSCP resources

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

jSQL Injection is a Java application for automatic SQL database injection.

CVE-2016-8610 (SSL Death Alert) PoC

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Notes about attacking Jenkins servers

A simple dns resolver of dns-record and web-record log server for pentesting

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

📡 A python program to create a fake AP and sniff data.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Impacket is a collection of Python classes for working with network protocols.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

pentest framework

A tool to test security of json web token

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

A simple keylogger for Windows, Linux and Mac

Micro-framework for rapid development of reusable security tools

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Fast browser-based network discovery module

Linux enumeration tool for pentesting and CTFs with verbosity levels

The best Hacking and PenTesting tools installer on the world

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Burp Bounty profiles compilation, feel free to contribute!

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

BlackRAT - Java Based Remote Administrator Tool

A Cloudflare resolver that works

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

🔪 Leak git repositories from misconfigured websites

Pop shells like a master.

SSRF (Server Side Request Forgery) testing resources

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.