1195 Open source projects that are alternatives of or similar to Goat

Official Black Hat Arsenal Security Tools Repository

ANDRAX The first and unique Penetration Testing platform for Android smartphones

安全编排与自动化响应平台

The DevSecOps toolset for REST APIs

This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY

Advanced and easy to use penetration testing framework 💣🔎

Allows you to quickly query a Windows machine for RAM artifacts

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

RCEed version of computer malware / rootkit MyRTUs / Stuxnet.

Creative and unusual things that can be done with the Windows API.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A secure and decentralized Bitcoin and other cryptocurrency wallet for iPhone. Supports Bitcoin, Ethereum, EOS, Binance Chain, Bitcoin Cash, DASH, ...

CTF竞赛权威指南

🔑 Open source stealer written on C#, all logs will be sent to Telegram bot.

nntp based decentralized imageboard

Pythonic ransomware proof of concept.

Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Small tool for generating ropchains using unicorn and z3

Facebook Cracker Version 1.0 can crack into Facebook Database 100% without Interruption By Facebook Firewall

Sandbox for automated Linux malware analysis.

facebook hacking toolkit

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Simple Dll injector loading from memory. Supports PE header and entry point erasure. Written in C99.

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.

CTF Cheatsheet

List of Awesome Windows Security Resources

A merged collection of hosts from reputable sources. #StayEnergized!

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

An automated e-mail OSINT tool

Anteater - CI/CD Gate Check Framework

轻量高效的 Trojan 代理，使用 Rust 实现

CMS Detection and Exploit Kit based on Whatcms.org API

Facebook Brute Forcer in shellscript using TOR

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

3Box JavaScript SDK: User identities, storage, messaging

Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Some Reverse Engineering Tutorials for Beginners

Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

BruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack

OSINT Project

采集免费、优质的机场订阅连接；科学上网，从娃娃抓起！/SSR/V2RAY/TROJAN/SPIDER

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

Independent telecommunication environment

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Text, samples and website for my 'Effective Shell' series.

Qiling Advanced Binary Emulation Framework

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

🍰 Trace objc method call for ios and mac

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

📕 Both personal and public notes for EC-Council's CEHv10 312-50, because its thousands of pages/slides of boredom, and a braindump to many

RubberDucky like payloads for DigiSpark Attiny85

New Interface And Loading Screen For Termux Users

retrieve information via O365 with a valid cred

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.