1144 Open source projects that are alternatives of or similar to Hacker_ezines

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Asynchronous Python implementation of SlowLoris DoS attack

Hourly updated database of exploit and exploitation reports

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

hacker, ready for more of our story ! 🚀

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Some of my public exploits

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

一款适用于红蓝对抗中的仿真钓鱼系统

🎩 [penetration testing Book], Kali Magic, Cryptography, Hash Crack, Botnet, Rootkit, Malware, Spyware, Python, Go, C|EH.

This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

Search for Unix binaries that can be exploited to bypass system security restrictions.

Apache Shiro 反序列化漏洞检测与利用工具

A collection of android Exploits and Hacks

This repository contains full code examples from the book Gray Hat C#

Vulners Python API wrapper

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)

OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

A vulnerability scanner for container images and filesystems

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Misc. Public Reports of Penetration Testing and Security Audits.

SQL Injection Payload List

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Real world and CTFs exploiting web/binary POCs.

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

IoT 固件漏洞复现环境

Integrates Dependency-Check reports into SonarQube

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

异步漏洞利用框架

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Proofs-of-concept

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

hack tools

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

OPCDE Cybersecurity Conference Materials

Here you can get full exploit for SAP NetWeaver AS JAVA

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

The web management platform of honeypot

E-mails, subdomains and names Harvester - OSINT

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

The Correlated CVE Vulnerability And Threat Intelligence Database API

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

OWASP Joomla Vulnerability Scanner Project