421 Open source projects that are alternatives of or similar to Leviathan

A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative

Exploit for CVE-2019-9810 Firefox on Windows 64-bit.

Steeltoe .NET Core Components: CircuitBreaker, Configuration, Connectors, Discovery, Logging, Management, and Security

CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!

Better PHP rate limiting using Redis.

Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Offensive Software Exploitation Course

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

List of every possible vulnerabilities in computer security.

juno-agent

A thorough library database to assist with binary exploitation tasks.

A toolkit for reverse proxy and load balancer

MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

GUI tool to create ROP chains using the ropper API

Deliberately vulnerable scripts for Web Security training

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Modern tactical exploitation toolkit.

Exploitation on ARM-based Systems (Troopers18)

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good performance

Python 3.5+ DNS asynchronous brute force utility

A collection of awesome videos, articles, books and resources about ARM exploitation.

An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit

This Repository contains the stuff related to windows Active directory environment exploitation

🎯 SQL Injection Payload List

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Configuration server submodule for all SeaSerives

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Collection of resources for my preparation to take the OSEE certification.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

HackSys Extreme Vulnerable Windows Driver

Docker containers running Alpine Linux and s6 for process management. Solid, reliable containers.

A collection of manifests that will create pods with elevated privileges.

Cheatsheet to exploit and learn SQL Injection.

iOS/macOS/Linux Remote Administration Tool

w3af: web application attack and audit framework, the open source web vulnerability scanner.

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

Serverless plugin for Cloudmap

Responsive Command and Control System

Advanced dork Search & Mass Exploit Scanner

A documentation about how to hack Minecraft servers

Multi-threaded AES Brute Force File Decryption

Blind Attacking Framework

SQL injection via bruteforced MD5 hash reflection of random strings

Good to know, easy to forget information about binaries and their exploitation!

Simple directory brute-force tool written with python.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Damn Vulnerable Web Application (DVWA)

Example usages of consul functionality.

massive SQL injection vulnerability scanner

AVAX is a small, modern and fast console application for decrypting passwords with certain options.

Xojo classes to build a SQL statement

🌸 Interactive shellcoding environment to easily craft shellcodes

UAVStack Open Source All in One Repository

Marathon-lb is a service discovery & load balancing tool for DC/OS

one node Amazon ECS cluster using EC2 Spot instance and haproxy

sample microservices written in Kotlin that demonstrates usage of Ktor framework woth Consul server