1750 Open source projects that are alternatives of or similar to In Spectre Meltdown

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

备考 OSCP 的各种干货资料/渗透测试干货资料

Advanced vulnerability scanning with Nmap NSE

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

Tool Information Gathering & social engineering Write By [Python,JS,PHP]

A social experiment

The LAZY script will make your life easier, and of course faster.

Domain name permutation engine written in Go

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A collection of various awesome lists for hackers, pentesters and security researchers

SSH man-in-the-middle tool

Set of tools to audit SIP based VoIP Systems

A collection of personal scripts used in hacking excercises.

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

A wrapper for Nmap to quickly run network scans

Automated NoSQL database enumeration and web application exploitation tool.

Don't let buffer overflows overflow your mind

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

web scanner - exploitation - information gathering

Source code for Hacker101.com - a free online web and mobile security class.

RubberDucky like payloads for DigiSpark Attiny85

Study Notes For Web Hacking / Web安全学习笔记

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

A high performance offensive security tool for reconnaissance and vulnerability scanning

The all-in-one Red Team extension for Web Pentester 🛠

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

ANDRAX The first and unique Penetration Testing platform for Android smartphones

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A tool to test security of json web token

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Rubyfu, where Ruby goes evil!

Quick SQL Scanner, Dorker, Webshell injector PHP

Cameradar hacks its way into RTSP videosurveillance cameras

JSON RSA to HMAC and None Algorithm Vulnerability POC

Go library for credentials recovery

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Vagrant VirtualBox environment for conducting an internal network penetration test

(deprecated) Android application vulnerability analysis and Android pentest tool

Yet Another PHP Shell - The most complete PHP reverse shell

Top 100 Hacking & Security E-Books (Free Download)

Multi OTP Spam Amp/Paralell threads

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

A list of web application security

Everything needed for doing CTFs

GUI based offensive penetration testing tool (Open Source)

Pentesting suite for Maltego based on data in a Metasploit database

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Scripts I use during pentest engagements.

An HTTP/HTTPS intercept proxy written in Go.

LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies