1066 Open source projects that are alternatives of or similar to ggtfobins

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

A Tool for Domain Flyovers

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Next generation web scanner

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

🙃 Reverse Shell Cheat Sheet 🙃

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

An advanced tool for email reconnaissance

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Dradis Framework: Colllaboration and reporting for IT Security teams

A default credential scanner.

A curated list of awesome OSCP resources

Collection of several DDos tools.

Pentest Report Generator

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

A collection of hacking / penetration testing resources to make you better!

Detect hidden files and text in images

Wireshark Cheat Sheet

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Cameradar hacks its way into RTSP videosurveillance cameras

Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated using Sublist3r.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A MongoDB importer and API for Project Sonars DNS datasets

Script to spider a website and find publicly open S3 buckets

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

an asynchronous target enumeration tool

Writeups for vulnerable machines.

Opening the door, one reverse shell at a time

Multi Tool Subdomain Enumeration

Notes for taking the OSCP in 2097. Read in book form on GitBook

A fast web directory/file enumeration tool written in Rust

Security Tool to Look For Interesting Files in S3 Buckets

A collection of personal scripts used in hacking excercises.

🔐 Docker Container for Penetration Testing & Security

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

This tool provides commandline access for https://www.hackthebox.eu, https://tryhackme.com/ and https://www.vulnhub.com/ machines.

Multi source CVE/exploit parser.

Automated Web Recon Shell Scripts

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

PowerShell payload generator

Pentest: Subdomains enumeration tool for penetration testers.

Automated NoSQL database enumeration and web application exploitation tool.

Totally Insecure Web Application Project (TIWAP)

Writeups for infosec Capture the Flag events by team Galaxians

Find cloud assets that no one wants exposed 🔎 ☁️

How to prepare for OSCP complete guide

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

Automated script to run all modules for a specified list of domains, netblocks or company name