574 Open source projects that are alternatives of or similar to HellgateLoader_CSharp

XSS'OR - Hack with JavaScript.

Hacker101 CTF Writeup

Fast website scraper and wordlist generator

Next generation web scanner

Offensive tools as Dockerfiles. Lightweight & Ready to go

An automated approach to performing recon for bug bounty hunting and penetration testing.

Search (offline) if your password (NTLM or SHA1 format) has been leaked (HIBP passwords list v8)

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

SIP-Based Audit and Attack Tool

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.

A collection of pentest tools and resources targeting Hadoop environments

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

some pentest scripts & tools by [email protected]

Pentest/BugBounty progress control with scanning modules

redteam.wiki

Wavestone's web interface for password cracking with hashcat

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

parse nmap files

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

generates weak passwords based on current date

WireBug is a toolset for Voice-over-IP penetration testing

The ultimate WinRM shell for hacking/pentesting

A Tool for Domain Flyovers

Multi OTP Spam Amp/Paralell threads

Open source all-in-one CLI tool to semi-automate pentesting.

Ladon Moudle MS17010 Exploit for PowerShell

A repository for scripting a mobile attack toolchain

A tool to test security of json web token

It's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted.

This powershell script has got to run in remote hacked windows host, even for pivoting

A Cloudflare resolver that works

My notebook for OSCP Lab

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

This program focuses on automating the download, installation and compilation of pentest tools from source

nray distributed port scanner

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

The purpose of this tool is to test the window10 defender protection and also other antivirus protection.

🥀 Search Engine Tookit，URL采集、Favicon哈希值查找真实IP、子域名查找

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

d(ockerp)wn - a docker pwn tool manager

BloodHound Docker Ready to Use

Generate unicode evil domains for IDN Homograph Attack and detect them.

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Hacking Toolkit

It records your terminal, then lets you upload to ASHIRT

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

MSDAT: Microsoft SQL Database Attacking Tool

RunasCs - Csharp and open version of windows builtin runas.exe