676 Open source projects that are alternatives of or similar to Evilgrade

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

🔠 Tool for generation samples based on OpenAPI(fka Swagger) payload/response schema

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Penetration tests guide based on OWASP including test cases, resources and examples.

Gets in the way of your victim's traffic and out of yours

A list of payload and bypass lists for penetration testing and red team infrastructure build.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Git All the Payloads! A collection of web attack payloads.

Multiplatform payload dropper

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A collection of various GitHub gists for hackers, pentesters and security researchers

ODAT: Oracle Database Attacking Tool

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

Browser's XSS Filter Bypass Cheat Sheet

Chef repository for pentesting tools

Exploit Discord's cache system to remote upload payloads on Discord users machines

AICDL collector services and modules

Patch Binaries via MITM: BackdoorFactory + mitmProxy.

App update framework for Windows, inspired by Sparkle for macOS

Python antivirus evasion tool

CVE-2016-8610 (SSL Death Alert) PoC

A wrapper for Android `AppUpdateManager` to encapsulate update workflow

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Yeoman generator for building a fake backend by providing the content of JSON files or JavaScript objects through configurable routes.

High-tech weaponized moe progress delivery bot for IRC, Discord, and web

Physics platform is a tool for hardware systems (e.g: raspberryPi 3B ). It retrieves data passing through the network and sends it to a control panel. It works the same way as a botnet by receiving remote commands. (you can imagine that as a black box)

generate massive amounts of realistic fake data in Node.js and the browser

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

pentest framework

Wakxy is a Wakfu packet sniffer (MITM). Written in C++/Qt with Javascript scripting support.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

一行代码快速实现app版本更新

A minimal DNS service that can provide spoofed replies

Notes about attacking Jenkins servers

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

An isolation framework for Clojure/ClojureScript.

高扩展性的多APP版本更新API接口与后台管理系统

SSTI Payload Generator

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

A Performant Update Manager for Unity

Script to automatically add trackers from a list to all torrents in Transmission

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Build, setup, update and refresh your modding environment!

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Stub that automatically verifies that stubbed methods exist and the signatures match the original.

A JSON file RESTful API with authorization based on json-server

Remote exploitation framework written in Python

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection

Update multiple repositories's `.github/FUNDING.yml` via GitHub API

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

jSQL Injection is a Java application for automatic SQL database injection.

Semantic Java API Library for NEM Platform

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

This challenge is Inon Shkedy's 31 days API Security Tips.

An OAuth2 server implementation to be used for testing

Vulnerability Dashboard

MSFvenom Payload Creator (MSFPC)

C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)