3138 Open source projects that are alternatives of or similar to K8tools

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By init__0 for termux on android

CTF竞赛权威指南

The Lost Nintendo DS Television Output, brought back to life

A high performance offensive security tool for reconnaissance and vulnerability scanning

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Information Gathering tool for a Website or IP address

Brahma - Privilege elevation exploit for Nintendo 3DS

Pentest: Subdomains enumeration tool for penetration testers.

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Exporting MISP event attributes to yara rules usable with Thor apt scanner

🖖 Fast, modern, easy-to-use network scanner

🛠️ Tool to bypass my school's security system to get sudo privileges on MacOS

Another archive cracker created in python | cracking [zip/7z/rar] by bruteforcing [ NOT MAINTAINED ]

Focus on cybersecurity | collection of PoC and Exploits

Bypass 403 or 401 or 404

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Generate passwords and analyze their strength given physical limits to computation

Password lists with top passwords to optimize bruteforce attacks

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

Suggests programs to run against services found during the enumeration phase of a Pentest

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

swiss army knife for hackers

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Guest to host VM escape exploit for Parallels Desktop

A list of web application security

Network Security Vulnerability Scanner

Collection of different exploits

Python AV Evasion Tools

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Framework for rapid development and reusable of security tools

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

A number of scripts POC's and problems solved as pentests move along.

A Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.

a very very fast brute force webshell password tool

This powershell script has got to run in remote hacked windows host, even for pivoting

Yet Another PHP Shell - The most complete PHP reverse shell

Crack password protected zip files

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Ladon Moudle MS17010 Exploit for PowerShell

ZIP cracker, CCRYPT cracker, and others to come.

🦄🔒 Awesome list of secrets in environment variables 🖥️

Search for Unix binaries that can be exploited to bypass system security restrictions.