1058 Open source projects that are alternatives of or similar to Evil Winrm

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

swiss army knife for hackers

Open Redirect Payloads

Extract subdomains from SSL certificates in HTTPS sites.

Idiomatic nmap library for go developers

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A curated list of awesome OSCP resources

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

SSRF (Server Side Request Forgery) testing resources

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

This is a multi-use bash script for Linux systems to audit wireless networks.

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

The Web Application Hacker's Handbook - Extra Content

Micro-framework for rapid development of reusable security tools

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Collection of quality safety articles. Awesome articles.

DNS Rebinding Exploitation Framework

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

hydra

Automated Red Team Infrastructure deployement using Docker

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Powerfull XSS Scanning and Parameter analysis tool&gem

Fast browser-based network discovery module

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Web path scanner

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Burp Bounty profiles compilation, feel free to contribute!

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A list of resources for those interested in getting started in bug bounties

Impacket is a collection of Python classes for working with network protocols.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

jSQL Injection is a Java application for automatic SQL database injection.

CVE-2016-8610 (SSL Death Alert) PoC

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

A Cloudflare resolver that works

Ruby on Rails Phishing Framework

pentest framework

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

The best Hacking and PenTesting tools installer on the world

A simple keylogger for Windows, Linux and Mac

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

BlackRAT - Java Based Remote Administrator Tool

A fast DOM based XSS vulnerability scanner with simplicity.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

🔪 Leak git repositories from misconfigured websites