1008 Open source projects that are alternatives of or similar to Htshells

OWASP Joomla Vulnerability Scanner Project

Automated Mass Exploiter

Modern tactical exploitation toolkit.

Attack Surface Management Platform | Sn1perSecurity LLC

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

NetCat for Windows

Docker containers running Alpine Linux and s6 for process management. Solid, reliable containers.

Penetration Testing notes, resources and scripts

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Multiplatform reverse shell generator

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

The bash shell script stack for installation of Nginx OpenResty Tengine lua_nginx_module nginx_concat_module nginx_upload_module ngx_substitutions_filter_module　Apache-2.2 Apache-2.4　MySQL-5.1 MySQL-5.5 MySQL-5.6 MySQL-5.7 PHP-5.2 PHP-5.3 PHP-5.4 PHP-5.5 PHP-5.6 ZendOptimizer ZendGuardLoader Xcache Eaccelerator Imagemagick IonCube Memcache Memcached Redis Mongo Xdebug Mssql Memcached PureFtpd PhpMyAdmin Redis Mongodb PhpRedisAdmin MemAdmin RockMongo Jdk7 Jdk8 Tomcat7 Tomcat8

USB Rubber Ducky type scripts written for the DigiSpark.

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders

Hack the World using Termux

Web path scanner

linux-kernel-exploits Linux平台提权漏洞集合

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

Pentest Report Generator

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

Cloak can backdoor any python script with some tricks.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Discovering vulnerabilities in firmware through concolic analysis and function clustering.

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

This repository contains several applications, demonstrating the Meltdown bug.

DotDotPwn - The Directory Traversal Fuzzer

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

Apache Traffic Control is an Open Source implementation of a Content Delivery Network

A cross-platform note-taking & target-tracking app for penetration testers.

Various kernel exploits

A web front-end for password cracking and analytics

hydra

Steganography brute-force utility to uncover hidden data inside files

The SpecterOps project management and reporting engine

⚡️An awesome list of the best Termux hacking tools

Kindle 5.6.5 exploitation tools.

Access your device's terminal from anywhere via the web.

Apache OpenWhisk is an open source serverless cloud platform

a very fast brute force webshell password tool

Bypassing disabled exec functions in PHP (c) CRLF

OSINT Tool: Generate username lists for companies on LinkedIn

A Golang implant that uses Slack as a command and control server

Idiomatic nmap library for go developers

Mirror of Apache ActiveMQ Artemis

收集自网络各处的 webshell 样本，用于测试 webshell 扫描器检测率。

windows-kernel-exploits Windows平台提权漏洞集合

The New Hacking Framework

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

An advanced tool for email reconnaissance

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

🚀 Web GUI for Kafka Cluster Management

A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda

Composable, observable and performant config handling for Go for the distributed processing era