1021 Open source projects that are alternatives of or similar to Lscript

Linset is a WPA/WPA2 phishing tool (evil twin)

Research on Anti-malware and other related security solutions

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Linux and Windows shellcode enrichment utility

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Ransom0 is a open source ransomware made with Python, designed to find and encrypt user data.

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

Common password pattern generator using strings list

web-based OSINT and reconaissance toolkit

XSS'OR - Hack with JavaScript.

small python3 tool to check common vulnerabilities in SMTP servers

Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Penetration testing and auditing toolkit for Android apps.

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.

Monitor linux processes without root permissions

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

🎯 RFI/LFI Payload List

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

An automated e-mail OSINT tool

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A container repository for my public web hacks!

Passwords Recovery Tool

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

A script written lazily for generating cross-platform backdoors on the go :)

Advanced Android AV Evasion Tool Written In Python 3 that can Embed/Bind meterpreter APK to any Legitimate APK

📱 🐟 An app to remote control SocialFish.

😇 A Powershell exploit service that opens a reverse http connection via meterpreter

Python network tool, similar to Netcat with custom features.

A collection of Ansible roles for automating infosec builds.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

A backdoor with a multitude of features.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Fast Modular Web Interfaces Bruteforcer

Script to automate PUT HTTP method exploitation to get shell

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

DeepSea Phishing Gear

Penetration Testing Notes and Playbook (PTP)

Powershell script to setup windows port forwarding using native netsh client

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:

VOIP Security Audit Framework

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

Exploitation Framework for ATtiny85 Based HID Attacks

Mobile penetration testing android & iOS command cheatsheet

mosquito - Automating reconnaissance and brute force attacks

Headless CMS and Application Framework built with Node.js, React and MongoDB

SSH man-in-the-middle tool

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

A collection of manifests that will create pods with elevated privileges.

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.

Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.

Web hacking framework with tools, exploits by python

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.