893 Open source projects that are alternatives of or similar to Gorsh

Hershell is a simple TCP reverse shell written in Go.

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Webshell Manager

Python AV Evasion Tools

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

🌒 Shell command obfuscation to avoid detection systems

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Awesome cloud enumerator

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

Most usable tools for iOS penetration testing

Dashboard to collect, analyze, and respond to reported phishing emails.

Monitoring GitHub for sensitive data shared publicly

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Search for Unix binaries that can be exploited to bypass system security restrictions.

Functions that can be used to gain Reverse Shells with PowerShell

👻Impost3r -- A linux password thief

Automatic Reverse Shell Generator

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A collection of awesome security hardening guides, tools and other resources

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Golang安全资源合集

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A Blazing fast Security Auditing tool for Kubernetes

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Cameradar hacks its way into RTSP videosurveillance cameras

A set of recipes useful in pentesting and red teaming scenarios

One stop place for exploiting Jira instances in your proximity

C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

Offensive Reverse Shell (Cheat Sheet)

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

🙃 Reverse Shell Cheat Sheet 🙃

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

Reverse shell generator written in Python 3.

mXtract - Memory Extractor & Analyzer

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

An OSINT Metadata analyzing tool that filters through tags and creates reports

A list to discover work of red team tooling and methodology for penetration testing and security assessment

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A default credential scanner.

fireELF - Fileless Linux Malware Framework

The Swiss Army knife for automated Web Application Testing

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

DeimosC2 is a Golang command and control framework for post-exploitation.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...