1008 Open source projects that are alternatives of or similar to Kaboom

Port scanning and domain utility.

This program focuses on automating the download, installation and compilation of pentest tools from source

A service aware router for Hydra Services. Implements an API Gateway and can route web socket messages.

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

Modular personalized dictionary generator.

GoPhish Templates that I have retired and/or templates I've recreated.

This repo will contain some basic pentest/RT commands.

pentest toolbox

Turn your VPS into an attack box

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

VNC pentest tool with bruteforce and ducky script execution features

This repository contains full code examples from the book Gray Hat C#

Related subdomains finder

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Open and collaborative content from leet hackers!

GitLab CE/EE Preauth RCE using ExifTool

渗透测试☞经验/思路/总结/想法/笔记

An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

Host Header Injection Checker

汽车/安卓/固件/代码安全测试工具集

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Jam all wifi clients/routers.

A python tool to check subdomain takeover vulnerability

Hacking, pen-testing, and cyber-security related tools built with Python.

A dictionary attack tool for PostgreSQL and MSSQL

🥀 Search Engine Tookit，URL采集、Favicon哈希值查找真实IP、子域名查找

NTP Doser is a NTP Amplification DoS/DDoS attack tool for penttesting

Collect email addresses by crawling search engine results.

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

NoneAge Blockchain Security Tutorial

Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.

Modular and extensible speech recognition library leveraging pytorch-lightning and hydra.

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞， 对功能进行强化以及脚本进行分类添加，自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC

TYPO3 extension t3api. REST API for your TYPO3 project. Config with annotations, built in filtering, pagination, typolinks, image processing, uploads (FAL), serialization contexts, responses in Hydra/JSON-LD format.

Rustcat(rcat) - The modern Port listener and Reverse shell

This Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

An advanced command-line search engine for Exploit-DB

Work in progress...

Automated tool for WiFi hacking.

🖖 Fast, modern, easy-to-use network scanner

A webshell framework for penetration testers.

Linux Rootkits (4.x Kernel)

This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF

Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

A repository for scripting a mobile attack toolchain

PowerShell payload generator

Functions that can be used to gain Reverse Shells with PowerShell

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust

Leaked pentesting manuals given to Conti ransomware crooks

Top 20 Kali Linux Related E-books (Free Download)