1280 Open source projects that are alternatives of or similar to Hacker101 Ctf

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

A curated list of awesome privilege escalation

Hacking Toolkit

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

A tool to test security of json web token

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Next generation web scanner

Vagrant VirtualBox environment for conducting an internal network penetration test

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Penetration Testing notes, resources and scripts

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A collection of hacking / penetration testing resources to make you better!

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Web Application Security Scanner Framework

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Top 100 Hacking & Security E-Books (Free Download)

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Awesome Vulnerable Applications

ANDRAX The first and unique Penetration Testing platform for Android smartphones

Subdomain enumeration through various techniques

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

CTF Cheatsheet

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Rubyfu, where Ruby goes evil!

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

CTF竞赛权威指南

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Free advanced and modern Windows botnet with a nice and secure PHP panel.

The iCTF Framework, presented by Shellphish!

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Advanced and easy to use penetration testing framework 💣🔎

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

A list of payload and bypass lists for penetration testing and red team infrastructure build.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Cameradar hacks its way into RTSP videosurveillance cameras

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Git All the Payloads! A collection of web attack payloads.

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

Quick SQL Scanner, Dorker, Webshell injector PHP

PowerShell payload generator

Pentest: Subdomains enumeration tool for penetration testers.

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Multi source CVE/exploit parser.

Cheat-Sheet of tools for penetration testing

🔑 Hash type identifier (CLI & lib)

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Argus Advanced Remote & Local Keylogger For macOS and Windows

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

Get GTFOBins info about a given exploit from the command line

Framework for rapid development and reusable of security tools

Offensive Reverse Shell (Cheat Sheet)

Common Web Managers Fuzz Wordlists