1750 Open source projects that are alternatives of or similar to In Spectre Meltdown

Cameradar hacks its way into RTSP videosurveillance cameras

Go library for credentials recovery

Automated Pentest Tools Designed For Parrot Linux

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Vagrant VirtualBox environment for conducting an internal network penetration test

Yet Another PHP Shell - The most complete PHP reverse shell

Multi OTP Spam Amp/Paralell threads

Awesome cloud enumerator

Common Web Managers Fuzz Wordlists

Free Security and Hacking eBooks

Web Application Security Scanner Framework

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.

Extract subdomains from SSL certificates in HTTPS sites.

Go Web Application Penetration Test

Quick SQLMap Tamper Suggester

Network Pivoting Toolkit

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Hacker101 CTF Writeup

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Attack Surface Management Platform | Sn1perSecurity LLC

Useful tools and scripts during Penetration Testing engagements

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

hack tools

👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Scripts I use during pentest engagements.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Automatic CPU speed & power optimizer for Linux

Powerfull XSS Scanning and Parameter analysis tool&gem

Ruby on Rails Phishing Framework

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

An HTTP/HTTPS intercept proxy written in Go.

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

NSA Hacking Tool Recreation UnitedRake

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

It's a simple tool for test vulnerability shellshock

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.