827 Open source projects that are alternatives of or similar to Minimalistic Offensive Security Tools

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

LDAP auth plugin for verdaccio

A simple multi-threaded distributed SSH brute-forcing tool written in Python

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

A collection of public offensive and defensive security related scripts for InfoSec students.

Forward shell generation framework

Nmap - the Network Mapper. Github mirror of official SVN repository.

The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Simple tool written in python3 to perform limited brute-force attacks on gmail accounts.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Docker auditing and enumeration script.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

FazPort is an advanced Perl Port Scanner. Scan and Detect open port in every website(s) you want.

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

GoPhish Templates that I have retired and/or templates I've recreated.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

pentest toolbox

Python 3.5+ DNS asynchronous brute force utility

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Distributed alerting for the masses!

An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

GitBook: OSCP RoadMap

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

A dictionary attack tool for PostgreSQL and MSSQL

Automatically brute force all services running on a target.

🛅 Passwords using personal information

Hack the World using Termux

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

Multi-threaded AES Brute Force File Decryption

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Simple directory brute-force tool written with python.

Web Application Security Scanner

fast TCP banner grabbing with node.js

Open Source SIEM (Security Information and Event Management system).

Tracking CVEs for the linux Kernel

FindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows Domains.

Github mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

SEC分布式资产扫描系统

👔 Enterprise Web application starter kit or template using Laravel

Active Directory strategy for passport.js

Burp extension to passively scan for applications revealing software version numbers

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

This Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.

Awesome hacking is an awesome collection of hacking tools.

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

swiss army knife for hackers

An HTTP/HTTPS intercept proxy written in Go.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

Learning Penetration Testing of Android Applications

GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.

Network Security Vulnerability Scanner

A curated list of security resources for a Ruby on Rails application

A script for advanced discovery of Privileged Accounts - includes Shadow Admins

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

It's a Docker Environment for pentesting which having all the required tool for VAPT.

RedSnarf is a pen-testing / red-teaming tool for Windows environments

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place