725 Open source projects that are alternatives of or similar to kali-live-build

Pentest/BugBounty progress control with scanning modules

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

🖖 Fast, modern, easy-to-use network scanner

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

My last 10 year's material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much more.

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

generates weak passwords based on current date

Custom security distro for remote penetration testing

A repository for scripting a mobile attack toolchain

d(ockerp)wn - a docker pwn tool manager

Domain name permutation engine written in Go

BloodHound Docker Ready to Use

A penetration testing tool for finding file upload bugs (NDSS 2020)

Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust

This is a repository that will be used to help create a process of a new kali vagrant box for hashicorp each week.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Turn PuTTY into an SSH login bruteforcing tool.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Advance mitm attack using fake access point

Kali image with kali-linux-full metapackage installed, build every night.

Pentester's Promiscuous Notebook

Automated Security Testing For REST API's

Python script wrote to automate the process of generating various reverse shells.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Obtain GraphQL API Schema even if the introspection is not enabled

Gorsair hacks its way into remote docker containers that expose their APIs

IPv6 attack toolkit

Python-based CLI Password Analyser (Reporting Tool)

Ruby on Rails Phishing Framework

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

pure python remote adb scanner + nmap scan module

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

USB Rubber Ducky type scripts written for the DigiSpark.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

A repository of tools for pentesting of restricted and isolated environments.

Infection Monkey - An automated pentest tool

Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.

recon-ng modules for Censys

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

Rubyfu, where Ruby goes evil!

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

A place where I can create, collect and share tooling, resources and knowledge about information security.

The New Hacking Framework

Cameradar hacks its way into RTSP videosurveillance cameras

Suggests programs to run against services found during the enumeration phase of a Pentest

Hacking Tools Z0172CK

Automated NoSQL database enumeration and web application exploitation tool.

The Pentester's Swiss Army Knife

Tools used for Penetration testing / Red Teaming

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

A tool for generating reverse shell payloads on the fly.

Don't let buffer overflows overflow your mind

Wireshark Cheat Sheet

My python3 implementation of a Forward Shell

Automated script to run all modules for a specified list of domains, netblocks or company name