1008 Open source projects that are alternatives of or similar to Kaboom

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Microsoft Azure Exploitation Framework

cobaltstrike ms17-010 module and some other

Exploits and Security Tools Framework 2.0.1

A fully automatic wifi deauther coded in Python

Reverse shell manager using tmux and ncat

Turn PuTTY into an SSH login bruteforcing tool.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

Kali image with kali-linux-full metapackage installed, build every night.

PowerShell SOCKS proxy with reverse proxy capabilities

Nmap and NSE command line wrapper in the style of Metasploit

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them

Command line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

整理一些内网常用渗透小工具

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

An automated approach to performing recon for bug bounty hunting and penetration testing.

Security tool to quickly audit Public Box files and folders.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Keyfinder🔑 is a tool that let you find keys while surfing the web!

Share of my Huge Collection of Cheatsheet (Coding, Cheat, Pinouts, Command Lists, Etc.)

Statically-linked ssh server with reverse shell functionality for CTFs and such

Network Vulnerability Scanner

Wiki to collect Red Team infrastructure hardening resources

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

ConPtyShell - Fully Interactive Reverse Shell for Windows

Automatic Enumeration Tool based in Open Source tools

Extracting URLs of a specific target based on the results of "commoncrawl.org"

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

A collection of resources I'm using while working toward the OSCP

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

Just another script for automatize boolean-based blind SQL injections. (Demo)

List of Bluetooth BR/EDR/LE security resources

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Automated All-in-One OS Command Injection Exploitation Tool.

d(ockerp)wn - a docker pwn tool manager

PHP function tracker

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

A Docker container for remote penetration testing.

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具

Framework for rapid development and reusable of security tools

The Leading Security Assessment Framework for Android.

Penetration testing and auditing toolkit for Android apps.

parse nmap files

VOIP Security Audit Framework

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

Linux and Windows shellcode enrichment utility

AWS Identity and Access Management Visualizer and Anomaly Finder

A MongoDB importer and API for Project Sonars DNS datasets

Goca Scanner

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Python AV Evasion Tools

A Virtual environment for Pentesting IoT Devices

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

Rockyou for web fuzzing