1052 Open source projects that are alternatives of or similar to moonwalk

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Basic tool to automate backdooring PE files

Search for Unix binaries that can be exploited to bypass system security restrictions.

Little Bug Bounty & Hacking Tools⚔️

Python Powered Repository

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

WebMap-Nmap Web Dashboard and Reporting

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Responsive Command and Control System

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Monitoring GitLab for sensitive data shared publicly

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

Webshell Manager

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Extensible framework for analyzing publicly available information about vulnerabilities

一款适用于红蓝对抗中的仿真钓鱼系统

AndroRAT | Remote Administrator Tool for Android OS Hacking

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

An IDA Pro plugin to examine the glibc heap, focused on exploit development

Automated Mass Exploiter

Collection of things made during my OSCP journey

CVE-2018-8120 Windows LPE exploit

Exploiting Edge's read:// urlhandler

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

A social experiment

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Exploitation and Mitigation Slides

Tool to help exploit XXE vulnerabilities

Exploit for CVE-2019-9810 Firefox on Windows 64-bit.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Collection of different exploits

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

My proof-of-concept exploits for the Linux kernel

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Exploiting challenges in Linux and Windows

Simple DLL that add a user to the local Administrators group

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Python AV Evasion Tools

A collection of useful links for Pentesters

Microarchitectural exploitation and other hardware attacks.

Pentesting/Bugbounty Dockerfiles.

all paths lead to clouds

A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title

A collection of Destiny 2 macros built with AutoHotKey