715 Open source projects that are alternatives of or similar to Fuxi

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

A tool for generating reverse shell payloads on the fly.

Burp extension to passively scan for applications revealing software version numbers

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

WeirdAAL (AWS Attack Library)

A Docker container for remote penetration testing.

整理一些内网常用渗透小工具

GoPhish Templates that I have retired and/or templates I've recreated.

Free Security and Hacking eBooks

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

C2/post-exploitation framework

Top 100 Hacking & Security E-Books (Free Download)

汽车/安卓/固件/代码安全测试工具集

Scripts I use during pentest engagements.

DoS PoC's for SAP products

Awesome cloud enumerator

OPCDE Cybersecurity Conference Materials

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.

A dictionary attack tool for PostgreSQL and MSSQL

Python Books for Security

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

Overlord - Red Teaming Infrastructure Automation

Collect email addresses by crawling search engine results.

Auto Scanning to SSL Vulnerability

Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.

Apache Shiro 反序列化漏洞检测与利用工具

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Extraction of iMessage Data via XSS

Rustcat(rcat) - The modern Port listener and Reverse shell

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

This Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.

(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Work in progress...

Functions that can be used to gain Reverse Shells with PowerShell

generates weak passwords based on current date

OSINT Tool: Generate username lists for companies on LinkedIn

Adobe Experience Manager Vulnerability Scanner

🕵️‍♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Find exploit tool

Turn PuTTY into an SSH login bruteforcing tool.

An implementation of the waithax / slowhax 3DS Kernel11 exploit.

Kali image with kali-linux-full metapackage installed, build every night.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A pentesting tool inspired by mr robot and derived by zphisher

Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

Directory Services Internals (DSInternals) PowerShell Module and Framework

hack tools

Real world and CTFs exploiting web/binary POCs.

Log4j Vulnerability Scanner for Windows

红队综合渗透框架

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

A web application for generating custom XSS payloads