398 Open source projects that are alternatives of or similar to Firecrack

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

A collection of useful scripts for Cobalt Strike

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Semi-automatic OSINT framework and package manager

Repository of my CTF writeups

Script to automate PUT HTTP method exploitation to get shell

List of every possible vulnerabilities in computer security.

A curated list of awesome OSCP resources

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

Tool to automate common OSINT tasks

Summary of online learning materials

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Yet Another PHP Shell - The most complete PHP reverse shell

mosquito - Automating reconnaissance and brute force attacks

The LAZY script will make your life easier, and of course faster.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Share of my Huge Collection of Cheatsheet (Coding, Cheat, Pinouts, Command Lists, Etc.)

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Wiki to collect Red Team infrastructure hardening resources

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

🚀 Fast Port Scanner 🚀

Automated All-in-One OS Command Injection Exploitation Tool.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Python3 script to parse txt files containing Mimikatz output

Cameradar hacks its way into RTSP videosurveillance cameras

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Penetration testing and auditing toolkit for Android apps.

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Linux and Windows shellcode enrichment utility

Reverse proxies cheatsheet

A Virtual environment for Pentesting IoT Devices

A Python3 based single-file subdomain enumerator

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Rockyou for web fuzzing

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Generates malicious LNK file payloads for data exfiltration

Web path scanner

retrieve information via O365 with a valid cred

Reverse Shell as a Service

Awesome Nmap Grep

Ruby on Rails Phishing Framework

web-based OSINT and reconaissance toolkit

SSRF (Server Side Request Forgery) testing resources

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

WhiteWinterWolf's PHP web shell

Python network worm that spreads on the local network and gives the attacker control of these machines.

A tool to test security of json web token

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Collection of pentesting scripts