715 Open source projects that are alternatives of or similar to Fuxi

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Automated Pentest Tools Designed For Parrot Linux

Domain name permutation engine written in Go

JSON RSA to HMAC and None Algorithm Vulnerability POC

unix SSH post-exploitation 1337 tool

A tool to test security of json web token

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

The LAZY script will make your life easier, and of course faster.

A tool to automate penetration tests

Subdomain enumeration through various techniques

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Penetration tests guide based on OWASP including test cases, resources and examples.

A fast web directory/file enumeration tool written in Rust

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

🔄 A collection of mitmproxy inline scripts

🔐 Docker Container for Penetration Testing & Security

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

Multi source CVE/exploit parser.

Audit tool to find common vulnerabilities in PHP source code

Common Web Managers Fuzz Wordlists

Multi OTP Spam Amp/Paralell threads

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Hacking Toolkit

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Penetration test Achieve Knowledge Unite Rapid Interface

Pentesting suite for Maltego based on data in a Metasploit database

A wrapper for Nmap to quickly run network scans

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

备考 OSCP 的各种干货资料/渗透测试干货资料

Advanced vulnerability scanning with Nmap NSE

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Tool Information Gathering & social engineering Write By [Python,JS,PHP]

Quick SQL Scanner, Dorker, Webshell injector PHP

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Go library for credentials recovery

Attack Surface Management Platform | Sn1perSecurity LLC

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Yet Another PHP Shell - The most complete PHP reverse shell

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Tool Information Gathering Write By Python.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

network reconnaissance toolkit

It's a Docker Environment for pentesting which having all the required tool for VAPT.

hydra

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Web path scanner

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

ODAT: Oracle Database Attacking Tool

Burp Suite extension to passively scan for applications revealing server error messages

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis