2561 Open source projects that are alternatives of or similar to Hrshell

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

SSH man-in-the-middle tool

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Fast Modular Web Interfaces Bruteforcer

Enforce HTTPS in node.js koa apps

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

SSH/HTTP(S) multiplexer. Run a webserver and a sshd on the same port w/o changes.

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

venom - shellcode generator/compiler/handler (metasploit)

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

A high performance offensive security tool for reconnaissance and vulnerability scanning

A collection of public offensive and defensive security related scripts for InfoSec students.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Transparent SSL/TLS interception

Content for hackingthe.cloud

unix SSH post-exploitation 1337 tool

A shell script that automatically performs a series of *NIX enumeration tasks.

Matthew Holt began developing Caddy in 2014 while studying computer science at Brigham Young University. (The name "Caddy" was chosen because this software helps with the tedious, mundane tasks of serving the Web, and is also a single place for multiple things to be organized together.) It soon became the first web server to use HTTPS automatically and by default, and now has hundreds of contributors and has served trillions of HTTPS requests.

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

A simple zero-config tool to make locally trusted development certificates with any names you'd like.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Empire HTTP(S) C2 redirector setup script

Internet standards compliance test suite

An HTTP/HTTPS intercept proxy written in Go.

wolfSSL (formerly CyaSSL) is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Small and made-easy HTTP/HTTPS server based on Jef Poskanzer's thttpd

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

The best Hacking and PenTesting tools installer on the world

Java ACME Client application

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A collection of various awesome lists for hackers, pentesters and security researchers

Let's find someone's account

Keeping Twitter for macOS alive with code injection

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Reverse Shell as a Service

iOS/macOS/Linux Remote Administration Tool

BlackRAT - Java Based Remote Administrator Tool

Apply for a job at Olist's Development Team: https://bit.ly/olist-webdev

Easily view and inspect X.509 certificates on your iOS device.

Go-deliver is a payload delivery tool coded in Go.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Boilerplate code for setting up Nginx + Gunicorn + Flask + automated LetsEncrypt certificates (https) using docker-compose.

A collection of personal scripts used in hacking excercises.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Set of tools to audit SIP based VoIP Systems

An Advanced Tool For Complete Apk-Modding In Termux ...

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter