3159 Open source projects that are alternatives of or similar to K8cscan

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

pentest framework

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

my oscp prep collection

hacker, ready for more of our story ! 🚀

cve-2019-0604 SharePoint RCE exploit

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

一个专注于聚合和记录各种SQL注入方法的wiki

SQL support for rom-rb

Open-Source Data Platform 🐰 — Directus wraps any SQL database with a real-time GraphQL+REST API and an intuitive app for non-technical users.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

eXperDB-DB2PG is a data migration solution that transfers data extracted from various DBMSs to eXperDB or PostgreSQL. Currently, Oracle and Oracle Spatial, MySQL, SQL Server(MS-SQL) and Sybase data can be transferred.

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

scan for NTLM directories

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

A wiki focusing on aggregating and documenting various SQL injection methods

A social experiment

200 TOOLS BY 0XID4FF0X FOR TERMUX

Authenticate against a MySQL server without knowing the cleartext password

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Linq to database provider.

Fake Protocol Server

Powerfull XSS Scanning and Parameter analysis tool&gem

Notes about attacking Jenkins servers

安全、可靠、简单、免费的企业级蜜罐

Misc. Public Reports of Penetration Testing and Security Audits.

Next generation web scanner

🧰 The Rust SQL Toolkit. An async, pure Rust SQL crate featuring compile-time checked queries without a DSL. Supports PostgreSQL, MySQL, SQLite, and MSSQL.

Free universal database tool and SQL client

Generate a Go ORM tailored to your database schema.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

linux-kernel-exploits Linux平台提权漏洞集合

OWASP Joomla Vulnerability Scanner Project

Sifter aims to be a fully loaded Op Centre for Pentesters

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Chromepass - Hacking Chrome Saved Passwords

A curated list of awesome privilege escalation

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Blueborne CVE-2017-0785 Android information leak vulnerability

The Web Application Hacker's Handbook - Extra Content

特色：vs插件或者t4一键生成entity 支持配置非物理外键。分离linq转sql引擎(原生linq非扩展)和执行dal功能,支持异步,支持netcore2.0

Hacking Toolkit

A general F# SQL database erasing type provider, supporting LINQ queries, schema exploration, individuals, CRUD operations and much more besides.

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Automatically Launch Google Hacking Queries Against A Target Domain

Apache Solr Injection Research

Penetration Testing notes, resources and scripts

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

The lightweight PHP database framework to accelerate the development.

Quickly analyze and reverse engineer Android packages

SymmetricDS is a database and file synchronization solution that is platform-independent, web-enabled, and database agnostic. SymmetricDS was built to make data replication across two to tens of thousands of databases and file systems fast, easy and resilient. We specialize in near real time, bi-directional data replication across large node networks over the WAN or LAN.