945 Open source projects that are alternatives of or similar to Fudgec2

C2/post-exploitation framework

The Collective. A repo for a collection of red-team projects found mostly on Github.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

备考 OSCP 的各种干货资料/渗透测试干货资料

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

🆕 The Multi-Tool Web Vulnerability Scanner.

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Attack Surface Management Platform | Sn1perSecurity LLC

linux post-exploitation framework made by linux user

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.

A collection of awesome security hardening guides, tools and other resources

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

A set of recipes useful in pentesting and red teaming scenarios

Explore Indicators of Compromise Automatically

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

unix SSH post-exploitation 1337 tool

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

👻Impost3r -- A linux password thief

Network Pivoting Toolkit

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

Load shellcode into a new process

fireELF - Fileless Linux Malware Framework

mXtract - Memory Extractor & Analyzer

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

metasploit-framework 图形界面 / 图形化内网渗透工具

Monitoring your Slack workspaces for sensitive information

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

The Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing confidence and trust among the national Computer Security Incident Response Teams (CSIRTs) of the Member States and for promoting swift and effective operational cooperation.

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Red Teaming Tactics and Techniques

Automated NoSQL database enumeration and web application exploitation tool.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Webshell Manager

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Monitoring GitLab for sensitive data shared publicly

🚀 Fast Port Scanner 🚀

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

Search for Unix binaries that can be exploited to bypass system security restrictions.

Functions that can be used to gain Reverse Shells with PowerShell

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

GUI based offensive penetration testing tool (Open Source)

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.