945 Open source projects that are alternatives of or similar to Fudgec2

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Information Security Library

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

unix SSH post-exploitation 1337 tool

metasploit-framework 图形界面 / 图形化内网渗透工具

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Functions that can be used to gain Reverse Shells with PowerShell

Webshell Manager

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Search for Unix binaries that can be exploited to bypass system security restrictions.

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Leaked pentesting manuals given to Conti ransomware crooks

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

🆕 The Multi-Tool Web Vulnerability Scanner.

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

GUI based offensive penetration testing tool (Open Source)

An anti-ARP-spoofing application software that use active and passive scanning methods to detect and remove any ARP-spoofer from the network.

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

End-To-End File & Message Encryption For Discord

The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Find cloud assets that no one wants exposed 🔎 ☁️

Enine boyuna siber güvenlik

Як не стати кібер-жертвою

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Extract uncompiled, uncompressed SPA code from Webpack source maps.

A ZigBee hacking toolkit by Bishop Fox

Tool for viewing and analyzing execution traces

Hyuga 一个用来记录DNS查询和HTTP请求的监控工具。

泰阿安全实验室-基于XUbuntu私人订制的红蓝对抗渗透操作系统

Custom memory allocator that helps discover reads from uninitialized memory

OSS Vulnerability Scanner for Windows Platform

Penetration testing utility, and antivirus assessment tool.

🛡️ Make your web services secure by default !

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

Collecting & Hunting for IOCs with gusto and style

Authors

A dashboard for a real-time overview of threat intelligence from MISP instances

[unmaintained] Post-exploitation tool

Search exposed EBS volumes for secrets

Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.

A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

Python library and CLI for the Bug Bounty Recon API

Exploit management framework

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Intelligence and Reconnaissance Package/Bundle installer.

Relational database brute force and post exploitation tool for MySQL and MSSQL

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.