630 Open source projects that are alternatives of or similar to Invoke Apex

Red Teaming Tactics and Techniques

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

The Collective. A repo for a collection of red-team projects found mostly on Github.

A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

C# tool to discover low hanging fruits

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

swiss army knife for hackers

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Open source pre-operation C2 server based on python and powershell

Utilities for MITRE™ ATT&CK

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Red Teaming Tactics and Techniques

OSINT

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

My own OSCP guide

Automatic Reverse Shell Generator

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

A high performance offensive security tool for reconnaissance and vulnerability scanning

备考 OSCP 的各种干货资料/渗透测试干货资料

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Passwords Recovery Tool

It records your terminal, then lets you upload to ASHIRT

Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Test Blue Team detections without running any attack.

This repository contains full code examples from the book Gray Hat C#

Awesome cloud enumerator

Tactics, Techniques, and Procedures

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

👻Impost3r -- A linux password thief

Automation for internal Windows Penetrationtest / AD-Security

🚀 Fast Port Scanner 🚀

fireELF - Fileless Linux Malware Framework

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A curated list of awesome OSCP resources

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

⛔️ offsec batteries included

My OSCP journey

Venom - A Multi-hop Proxy for Penetration Testers

👻Stowaway -- Multi-hop Proxy Tool for pentesters

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

mosquito - Automating reconnaissance and brute force attacks

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

mXtract - Memory Extractor & Analyzer

A set of recipes useful in pentesting and red teaming scenarios

DeepSea Phishing Gear

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Know the dangers of credential reuse attacks.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.