864 Open source projects that are alternatives of or similar to Exploits

Personal CTF Toolkit

Attify OS - Distro for pentesting IoT devices

Everything needed for doing CTFs

Docker security analysis & hacking tools

🎯 XML External Entity (XXE) Injection Payload List

Tool Information Gathering Write By Python.

A Ruby framework designed to aid in the penetration testing of WordPress systems.

CMS auto detect and exploit.

A portable, simple zip library written in C

Hacker101 CTF Writeup

✔️ CTF problems and solutions solved by Qwaz

A big list of Android Hackerone disclosed reports and other resources.

NSA Hacking Tool Recreation UnitedRake

A Respondus LockDown Browser Bypass

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

C# Hacking library for making PC game trainers.

Getting started with java code auditing 代码审计入门的小项目

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

a plenty of poc based on python

Next generation web scanner

BEST HACKING TOOLS..For more tools visit our blog for Hackers

POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞， 对功能进行强化以及脚本进行分类添加，自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Exploits and Security Tools Framework 2.0.1

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

The iCTF Framework, presented by Shellphish!

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Papers about known hacking, security, hardware, software, computer, network and other ressources.

CMS渗透测试框架-A CMS Exploit Framework

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Emofishes is a collection of proof of concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones setup for malware analysis).

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Advanced Web Shell

Free Security and Hacking eBooks

Repo for YouTube series

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

Top 100 Hacking & Security E-Books (Free Download)

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

EternalRocks worm

SambaCry exploit and vulnerable container (CVE-2017-7494)

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

Quine Museum

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Extract endpoints from APK files

📟Binary Hacking Course

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

All about bug bounty (bypasses, payloads, and etc)

Redis(<=5.0.5) RCE

TESLA PowerWall 2 Security Shenanigans

A Router WiFi key recovery/cracking tool with a twist.