467 Open source projects that are alternatives of or similar to Http Asynchronous Reverse Shell

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

Golang reverse/bind shell generator

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Passwords Recovery Tool

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

A tool to hunt for publicly accessible DigitalOcean Spaces

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

File upload vulnerability scanner and exploitation tool.

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

🔨 A multiple reverse shell session/client manager via terminal

The iOS Security Testing Framework

A tool to abuse Exchange services

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Python script wrote to automate the process of generating various reverse shells.

RedSnarf is a pen-testing / red-teaming tool for Windows environments

Set of tools to audit SIP based VoIP Systems

Python network tool, similar to Netcat with custom features.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Micro-framework for rapid development of reusable security tools

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

My OSCP journey

Human and machine readable web vulnerability testing format

Simple Server Side Request Forgery services enumeration tool.

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Privilege Escalation Enumeration Script for Windows

Adds a customizable "Send to..."-context-menu to your BurpSuite.

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

DNS Sub-domain brute forcer, in Python + gevent

Linux enumeration tool for pentesting and CTFs with verbosity levels

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

The Collective. A repo for a collection of red-team projects found mostly on Github.

无状态子域名爆破工具

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

A repo with information about security of Ethereum Smart Contracts

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

online port scan scraper

C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

🚀 Fast Port Scanner 🚀

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

Python Remote Administration Tool (RAT)

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

🔪 Leak git repositories from misconfigured websites

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

A collection of useful scripts for Cobalt Strike

A set of recipes useful in pentesting and red teaming scenarios