1441 Open source projects that are alternatives of or similar to Mida Multitool

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Automation for internal Windows Penetrationtest / AD-Security

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

A curated list of awesome privilege escalation

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Sifter aims to be a fully loaded Op Centre for Pentesters

Yet Another PHP Shell - The most complete PHP reverse shell

Notes for taking the OSCP in 2097. Read in book form on GitBook

Intelligence and Reconnaissance Package/Bundle installer.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

无状态子域名爆破工具

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Writeup of CVE-2020-15906

ODAT: Oracle Database Attacking Tool

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

Remote exploitation framework written in Python

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

📚 VoidHack CTF write-ups

Privilege Escalation Enumeration Script for Windows

pentest framework

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Simple Server Side Request Forgery services enumeration tool.

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

My proof-of-concept exploits for the Linux kernel

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Exploitation and Mitigation Slides

Responsive Command and Control System

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

A wrapper for Nmap to quickly run network scans

Reverse Shell as a Service

The Offensive Manual Web Application Penetration Testing Framework.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

cve-2019-0604 SharePoint RCE exploit

File upload vulnerability scanner and exploitation tool.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A container repository for my public web hacks!

Various local exploits

Automatic SSRF fuzzer and exploitation tool

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

my oscp prep collection

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.