877 Open source projects that are alternatives of or similar to Ldap_search

DeepSea Phishing Gear

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

mosquito - Automating reconnaissance and brute force attacks

SSRF (Server Side Request Forgery) testing resources

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A wrapper for Nmap to quickly run network scans

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

A tool to test security of json web token

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Attack Surface Management Platform | Sn1perSecurity LLC

Simple Server Side Request Forgery services enumeration tool.

A unified console to perform the "kill chain" stages of attacks.

Monitor linux processes without root permissions

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

an easy pentesting tool.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

The Collective. A repo for a collection of red-team projects found mostly on Github.

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Yet Another PHP Shell - The most complete PHP reverse shell

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Pentesting/Bugbounty Dockerfiles.

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Tactics, Techniques, and Procedures

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

mXtract - Memory Extractor & Analyzer

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Python3 tool to perform password spraying using RDP

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Wordlists and passwords handcrafted with ♥

Open source pre-operation C2 server based on python and powershell

Notes for taking the OSCP in 2097. Read in book form on GitBook

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Exploit Pack -The next generation exploit framework

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Hacking Toolkit

hydra

fireELF - Fileless Linux Malware Framework

A set of recipes useful in pentesting and red teaming scenarios

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

无状态子域名爆破工具

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能