877 Open source projects that are alternatives of or similar to Ldap_search

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Venom - A Multi-hop Proxy for Penetration Testers

Automation for internal Windows Penetrationtest / AD-Security

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Web path scanner

👻Impost3r -- A linux password thief

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A high performance offensive security tool for reconnaissance and vulnerability scanning

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

备考 OSCP 的各种干货资料/渗透测试干货资料

Relational database brute force and post exploitation tool for MySQL and MSSQL

Awesome cloud enumerator

A tool to automate penetration tests

OSINT

Browse and search through nmap's NSE scripts.

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Network Pivoting Toolkit

Open Redirect Payloads

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Open source pre-operation C2 server based on python and powershell

Python 3.5+ DNS asynchronous brute force utility

fireELF - Fileless Linux Malware Framework

Attack Surface Management Platform | Sn1perSecurity LLC

Privilege Escalation Enumeration Script for Windows

Extract subdomains from SSL certificates in HTTPS sites.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

Tactics, Techniques, and Procedures

Python3 tool to perform password spraying using RDP

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Simple Server Side Request Forgery services enumeration tool.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

This repository contains full code examples from the book Gray Hat C#

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

hydra

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

mXtract - Memory Extractor & Analyzer

Exploit Pack -The next generation exploit framework

Notes for taking the OSCP in 2097. Read in book form on GitBook

Hacking Toolkit

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

The Last Web Recon Tool You'll Need

CVE-2016-8610 (SSL Death Alert) PoC

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

无状态子域名爆破工具