370 Open source projects that are alternatives of or similar to FYI

my oscp prep collection

Attack Surface Management Platform | Sn1perSecurity LLC

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Common password pattern generator using strings list

Functions that can be used to gain Reverse Shells with PowerShell

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

A pentesting tool inspired by mr robot and derived by zphisher

A collection of public offensive and defensive security related scripts for InfoSec students.

A web application for generating custom XSS payloads

Search Google and download specific file types

Web App Pen Tester (Web Interface)

A collection of Ansible roles for automating infosec builds.

List of every possible vulnerabilities in computer security.

Vagrant VirtualBox environment for conducting an internal network penetration test

Yet Another PHP Shell - The most complete PHP reverse shell

SSH man-in-the-middle tool

This script will you help to find the information about the website and to help in penetrating testing

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

A Tool for Domain Flyovers

A collection of manifests that will create pods with elevated privileges.

cms识别

Hakku Framework penetration testing

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Common Web Managers Fuzz Wordlists

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Host Header Injection Checker

GitBook: OSCP RoadMap

Hacking, pen-testing, and cyber-security related tools built with Python.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

An advanced command-line search engine for Exploit-DB

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

pentest toolbox

Reverse shell manager using tmux and ncat

The Collective. A repo for a collection of red-team projects found mostly on Github.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Collection of the cheat sheets useful for pentesting

Statically-linked ssh server with reverse shell functionality for CTFs and such

🔪 Leak git repositories from misconfigured websites

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

List of Bluetooth BR/EDR/LE security resources

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

Detect hidden files and text in images

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

Infection vector that bypasses AV, IDS, and IPS. (For now...)

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

Notes from OSCP, CTF, security adventures, etc...

JSON RSA to HMAC and None Algorithm Vulnerability POC

Go library for credentials recovery

Automated Web Recon Shell Scripts

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog