1008 Open source projects that are alternatives of or similar to Kaboom

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

link is a command and control framework written in rust

WordPress pentest tool

Script to automate PUT HTTP method exploitation to get shell

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

JSON RSA to HMAC and None Algorithm Vulnerability POC

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Generate Gmail Emailing Keyloggers to Windows.

A tool to hunt for publicly accessible DigitalOcean Spaces

Pentester's Promiscuous Notebook

RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

DeepSea Phishing Gear

Pentest/BugBounty progress control with scanning modules

mosquito - Automating reconnaissance and brute force attacks

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

A tool to abuse Exchange services

Python3 script to parse txt files containing Mimikatz output

Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.

Custom security distro for remote penetration testing

A Python3 based single-file subdomain enumerator

Hershell is a simple TCP reverse shell written in Go.

An Identity Provider for ORY Hydra over LDAP

Tool for port forwarding & intranet proxy

A fully featured Windows backdoor that uses Gmail as a C&C server

Totally Insecure Web Application Project (TIWAP)

SS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/

Human and machine readable web vulnerability testing format

Web Application Security Scanner Framework

Collection of several DDos tools.

Reverse Shell as a Service

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Adds a customizable "Send to..."-context-menu to your BurpSuite.

📱 objection - runtime mobile exploration

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

a fast domain brute tool

Linux enumeration tool for pentesting and CTFs with verbosity levels

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

My notes on PentesterLab's Bootcamp series 🕵️

The main SamuraiWTF collaborative distro repo.

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

🔥 A high-performant UDP load generator, written in Rust

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams

WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

BlackRAT - Java Based Remote Administrator Tool

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

RDF vocabulary and specification

Exploit pack for pentesters and ethical hackers.

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

This is a multi-use bash script for Linux systems to audit wireless networks.

🎉 Personal GNU Emacs configuration

Web Pentesting Fuzz 字典,一个就够了。

A (partial) Python rewriting of PowerSploit's PowerView