600 Open source projects that are alternatives of or similar to Macro_pack

Python AV Evasion Tools

Scan for and exploit Consul agents

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Overlord - Red Teaming Infrastructure Automation

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

🌒 Shell command obfuscation to avoid detection systems

Webshell Manager

cobaltstrike ms17-010 module and some other

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

Script collection to bypass Network Access Control (NAC, 802.1x)

Snoop — инструмент разведки на основе открытых данных (OSINT world)

It's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)

Hershell is a simple TCP reverse shell written in Go.

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Collection of quality safety articles. Awesome articles.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Passwords Recovery Tool

Offensive Reverse Shell (Cheat Sheet)

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Argus Advanced Remote & Local Keylogger For macOS and Windows

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Ideas for protecting C/C++

jSQL Injection is a Java application for automatic SQL database injection.

Vulnerability Dashboard

Gradle Plugin - Obfuscator String Encryption (Android/Java)

Z00bfuscator is the simple, open-source, cross-platform obfuscator for .NET Assemblies built on .NET Core

Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.

This is the list of all rootkits found so far on github and other sites.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Utilities for MITRE™ ATT&CK

A curated list of awesome OSCP resources

Open source obfuscation tool for .NET assemblies

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

Burp extension to passively scan for applications revealing software version numbers

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

A tool for integrating the Metasploit payload with Android's healthy programs and bypassing antivirus

Reproducible and extensible BloodHound playbooks

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Reverse engineering and software quality assurance tool for .NET assemblies

A list of resources for those interested in getting started in bug bounties

记录自己编写、修改的部分工具

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

This challenge is Inon Shkedy's 31 days API Security Tips.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

ODAT: Oracle Database Attacking Tool

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.