849 Open source projects that are alternatives of or similar to juice-shop-ctf

Write-ups for CTF challenges.

Web application vulnerability scanner

GoRAT (Go Remote Access Tool) is an extremely powerful reverse shell, file server, and control plane using HTTPS reverse tunnels as a transport mechanism.

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Web Exploitation Workflow for CTF Challenges

Keyfinder🔑 is a tool that let you find keys while surfing the web!

Machine Learning WAF Based

Network Vulnerability Scanner

Telegram Bot that keeps track and notificates subscribers about Capture The Flag competitions.

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

🔐 Shim to easily install OWASP dependency-check-cli into Python projects

an easy pentesting tool.

Penelope Shell Handler

Automated All-in-One OS Command Injection Exploitation Tool.

A fast boolean expression index implementation, especially for RTB ad selection. A Go implementation of the core algorithm in paper <Indexing Boolean Expression>

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

apache 2.x.x module, for CSRF mitigation

Cameradar hacks its way into RTSP videosurveillance cameras

開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall

Penetration testing and auditing toolkit for Android apps.

Integrates OWASP Zed Attack Proxy reports into SonarQube

Cryptography & CTF Writeups

A Virtual environment for Pentesting IoT Devices

😼 CTF write-ups

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

Rockyou for web fuzzing

解密 qq1790749886/javanet 文件

Generates malicious LNK file payloads for data exfiltration

Write-ups for FireEye's FLARE-On challenges

retrieve information via O365 with a valid cred

🎖 A complete write-up of the Avast challenge given at Hack Cambridge 2018

Awesome Nmap Grep

An automatic and lightweight web application scanning tool for CTF.

Hawkeye filesystem analysis tool

CTF-CryptoTool is a tool written in python, for breaking crypto text of CTF challenges. It tries to decode the cipher by bruteforcing it with all known cipher decoding methods easily. Also works for the cipher which does not have a key.

An automated e-mail OSINT tool

🚩 CTF AWD framework

Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.

CTFd Challenge Type which decreases its value after every solve

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Stereotyped Challenges (2014~2023)

Phishing Tool & Information Collector

My CTF writeups

Evaluate the security of S3 buckets

No description or website provided.

Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code...

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens

A collection of electronic hacker magazines carefully curated over the years from multiple sources

The OWASP ZAP core project

A web application that contains several unit tests for the purpose of .NET security

WaniCTF'21-spring official writeup & source code

OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.

Security challenges and CTFs created by the Penultimate team.

Detect root, emulation, debug mode and other security concerns in your Xamarin apps