630 Open source projects that are alternatives of or similar to Invoke Apex

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

A Python3 based single-file subdomain enumerator

Web Content Discovery Tool

Shuffle: A general purpose security automation platform platform. We focus on accessibility for all.

Intelligence tool but without API key

Windows shellcode development in Rust

DNS Rebinding Exploitation Framework

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

Quickly analyze and reverse engineer Android packages

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:

A curated list of awesome privilege escalation

The iOS Security Testing Framework

Extract endpoints from APK files

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Sifter aims to be a fully loaded Op Centre for Pentesters

RedSnarf is a pen-testing / red-teaming tool for Windows environments

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

The ultimate WinRM shell for hacking/pentesting

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Project to enumerate proxy configurations and generate shellcode from CobaltStrike

Burpsuite-Plugins-Usage

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

Open-Source Ransomware As A Service for Linux, MacOS and Windows

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

🤖 The Modern Port Scanner 🤖

Browse and search through nmap's NSE scripts.

Python3 tool to perform password spraying using RDP

Reverse proxies cheatsheet

Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.

Open Redirect Payloads

Micro-framework for rapid development of reusable security tools

For all your network pentesting needs

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Reverse Shell as a Service

The Shadow Attack Framework

Gorsair hacks its way into remote docker containers that expose their APIs

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Simple Server Side Request Forgery services enumeration tool.

Hashcat web interface

WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS

Web path scanner

A .NET Standard library for pentesting web apps against credential stuffing attacks.

Easy files and payloads delivery over DNS

my oscp prep collection

Collection of PoC and offensive techniques used by the BlackArrow Red Team

Tool to predict attacker groups from the techniques and software used

👻 A LAN dropbox chatbot controllable via Telegram

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

A tool to abuse Exchange services

BlackRAT - Java Based Remote Administrator Tool

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Ruby on Rails Phishing Framework

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

A Linux Auditd rule set mapped to MITRE's Attack Framework