617 Open source projects that are alternatives of or similar to k8badusb

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

windows-kernel-exploits Windows平台提权漏洞集合

Notes about attacking Jenkins servers

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Ladon Moudle MS17010 Exploit for PowerShell

Misc. Public Reports of Penetration Testing and Security Audits.

linux-kernel-exploits Linux平台提权漏洞集合

cve-2019-0604 SharePoint RCE exploit

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

pentest framework

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Yet Another PHP Shell - The most complete PHP reverse shell

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Framework for rapid development and reusable of security tools

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

This powershell script has got to run in remote hacked windows host, even for pivoting

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Fast website scraper and wordlist generator

Basic tool to automate backdooring PE files

A collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff

Cheat-Sheet of tools for penetration testing

A minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)

kernel-pwn and writeup collection

useful pentest note

OpenSSH remote DOS exploit and vulnerable container

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Some of my public exploits

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

Vulnerable software and exploits used for OSCP/OSCE preparation

Simple script that utilities discord's flaw in detecting who blocked who.

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Simple and fast discord token cracker

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Focus on cybersecurity | collection of PoC and Exploits

A remote administration tool for Windows, written in C#

No description or website provided.

Some Malduino ducky scripts

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Framework for exploiting local vulnerabilities

A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

BloodHound Docker Ready to Use

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

Self defense post module for metasploit

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

AliGuard PHP WAF

Exploit PollDaddy polls

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

A tool for generating reverse shell payloads on the fly.

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

Pentest/BugBounty progress control with scanning modules