544 Open source projects that are alternatives of or similar to Gtfoblookup

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

DeepSea Phishing Gear

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Open source pre-operation C2 server based on python and powershell

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Automation for internal Windows Penetrationtest / AD-Security

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

fireELF - Fileless Linux Malware Framework

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

mosquito - Automating reconnaissance and brute force attacks

Passwords Recovery Tool

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

🚀 Fast Port Scanner 🚀

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Awesome cloud enumerator

This repository contains full code examples from the book Gray Hat C#

👻Impost3r -- A linux password thief

OSINT

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

A set of recipes useful in pentesting and red teaming scenarios

Red Teaming Tactics and Techniques

Tactics, Techniques, and Procedures

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

备考 OSCP 的各种干货资料/渗透测试干货资料

mXtract - Memory Extractor & Analyzer

Venom - A Multi-hop Proxy for Penetration Testers

The Collective. A repo for a collection of red-team projects found mostly on Github.

Go-deliver is a payload delivery tool coded in Go.

Linux enumeration tool for pentesting and CTFs with verbosity levels

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

small python3 tool to check common vulnerabilities in SMTP servers

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Collection of quality safety articles. Awesome articles.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.

A collection of public offensive and defensive security related scripts for InfoSec students.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

New UAC bypass for Silent Cleanup for CobaltStrike

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

A container repository for my public web hacks!

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Elasticsearch for Offensive Security

Extensible Red Team Framework

Webshell Manager

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Fast Modular Web Interfaces Bruteforcer

A PowerShell module to deploy active directory decoy objects.

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

SSRF (Server Side Request Forgery) testing resources