1334 Open source projects that are alternatives of or similar to Iblessing

Vulnerability Labs for security analysis

Exploiting Edge's read:// urlhandler

Fully Featured Nintendo DS Loader for Ghidra

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

A collection of hacking / penetration testing resources to make you better!

Safari local file reader

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

CTF竞赛权威指南

Powerful dork searcher and vulnerability scanner for windows platform

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Framework to test any Anti-Cheat

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

图形化漏洞利用集成工具

Designed to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

👨‍💻 A work-in-progress web services mass scanner written in Rust

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit

DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

Extraction of iMessage Data via XSS

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Adobe Experience Manager Vulnerability Scanner

Security scanner for your Terraform code

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

DoS PoC's for SAP products

This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.

Log4j Vulnerability Scanner for Windows

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Unsigned code loader for Exynos BootROM

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Some of my public exploits

Kubernetes security and vulnerability tools and utilities.

Guest to host VM escape exploit for Parallels Desktop

🕵️‍♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

My exploitDB.

Remote command execution vulnerability scanner for Log4j.

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Misc. Public Reports of Penetration Testing and Security Audits.

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.

SEC分布式资产扫描系统

Real world and CTFs exploiting web/binary POCs.

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Web-based Source Code Vulnerability Scanner