893 Open source projects that are alternatives of or similar to Gorsh

Reverse shell generator written in Python 3.

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

One stop place for exploiting Jira instances in your proximity

Monitoring GitHub for sensitive data shared publicly

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A set of recipes useful in pentesting and red teaming scenarios

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

Tool made to automate tasks of pentesting.

👻Impost3r -- A linux password thief

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Golang安全资源合集

All-in-one tool for managing vulnerability reports from AppSec pipelines

VirusTotal Wanna Be - Now with 100% more Hipster

Friends don't let friends leak secrets on their terminal window 🙈

Automation for internal Windows Penetrationtest / AD-Security

Secure, human-friendly, cross-platform secrets and config.

Kali Linux 工具合集中文说明书

Application and Service Fingerprinting

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources

安全总是无处不在...

mosquito - Automating reconnaissance and brute force attacks

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

Tools to automate and/or expedite response.

Documentation:

Command-line passphrase generator

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Awesome Node.js Security resources

Responsive Command and Control System

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

A repository of sysmon configuration modules

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

DeepSea Phishing Gear

Android Mobile Device Hardening

红队作战中比较常遇到的一些重点系统漏洞整理。

Venom - A Multi-hop Proxy for Penetration Testers

Forward shell generation framework

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

A simple python reverse shell written just for fun.

A curated list of awesome social engineering resources.

iOS/macOS/Linux Remote Administration Tool

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Script collection to bypass Network Access Control (NAC, 802.1x)

RFD Checker - security CLI tool to test Reflected File Download issues

Scan for open AWS S3 buckets and dump the contents

GitBook: OSCP RoadMap

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Scripts to gather system configuration information for offline/remote auditing

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Tool for complete hardening of Linux boot chain with UEFI Secure Boot

Passive Security Scanner (被动式安全扫描器)

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Micro-framework for rapid development of reusable security tools

A flexible control server for osquery fleets

Subdomain Takeover tool written in Go

It's a simple tool for test vulnerability shellshock