715 Open source projects that are alternatives of or similar to Fuxi

Kali Live Build Scripts

The SpecterOps project management and reporting engine

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

IoT固件漏洞挖掘工具

A Golang implant that uses Slack as a command and control server

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

IPv6 attack toolkit

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

network visualization & vulnerability management/reporting

An implementation of the waithax / slowhax 3DS Kernel11 exploit.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Python-based CLI Password Analyser (Reporting Tool)

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Captive wifi hotspot bypass tool for Linux

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

Bifrost C2. Open-source post-exploitation using Discord API

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

Get GTFOBins info about a given exploit from the command line

Wordpress Attack Suite

Dumain Bruteforcer - a fast and flexible domain bruteforcer

A vulnerability scanner for container images and filesystems

Automated script to run all modules for a specified list of domains, netblocks or company name

An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.

My personal bug bounty toolkit.

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).

Juniper Junos Space (CVE-2020-1611) (PoC)

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

A Security Tool for Enumerating WebSockets

Web Application Security Scanner

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Loss modelling framework.

👻Impost3r -- A linux password thief

USB Rubber Ducky type scripts written for the DigiSpark.

A pentesting tool inspired by mr robot and derived by zphisher

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

IoT 固件漏洞复现环境

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

Burp extension to passively scan for applications revealing software version numbers

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

WeirdAAL (AWS Attack Library)

A Docker container for remote penetration testing.

Browse and search through nmap's NSE scripts.

Notes from OSCP, CTF, security adventures, etc...

Simple DNS Rebinding Service

Search Google and download specific file types

A DNS rebinding attack framework.

brute force SSH public-key authentication

Network Pivoting Toolkit

#INFILTRATE20 raptor's party pack

CVE-2016-8610 (SSL Death Alert) PoC

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

Directory Services Internals (DSInternals) PowerShell Module and Framework