1611 Open source projects that are alternatives of or similar to Lockdoor Framework

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

记录自己编写、修改的部分工具

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

🔺 Red Team Hardware Toolkit 🔺

Idiomatic nmap library for go developers

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

XSHOCK Shellshock Exploit

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

🔪 Leak git repositories from misconfigured websites

Network Pivoting Toolkit

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

my oscp prep collection

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

Fast Modular Web Interfaces Bruteforcer

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Vagrant VirtualBox environment for conducting an internal network penetration test

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Ruby on Rails Phishing Framework

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Collection of several DDos tools.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Automated NoSQL database enumeration and web application exploitation tool.

RubberDucky like payloads for DigiSpark Attiny85

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Know the dangers of credential reuse attacks.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

This script will you help to find the information about the website and to help in penetrating testing

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Yet Another PHP Shell - The most complete PHP reverse shell

Useful tools and scripts during Penetration Testing engagements

Study Notes For Web Hacking / Web安全学习笔记

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Pentesting/Bugbounty Dockerfiles.

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Offensive Reverse Shell (Cheat Sheet)

Command line tool that allows you to explore IoT devices by using Shodan API.

Enumerate information from NTLM authentication enabled web endpoints 🔎

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

A list to discover work of red team tooling and methodology for penetration testing and security assessment

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Functions that can be used to gain Reverse Shells with PowerShell

Penetration Testing notes, resources and scripts

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.