738 Open source projects that are alternatives of or similar to Msploitego

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

A collection of public offensive and defensive security related scripts for InfoSec students.

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

Venom - A Multi-hop Proxy for Penetration Testers

Network Miner generates a network map by sending SNMP requests (LLDP/CDP/EDP).

基于masscan和nmap的快速端口扫描和指纹识别工具，优化版本(获取标题，页面长度,过滤防火墙)

Detect hidden files and text in images

Set of Icinga/Nagios plugins to check hosts and hardware with the SNMP protocol.

venom - shellcode generator/compiler/handler (metasploit)

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Healthbot configuration examples. Scripts to manage Healthbot. Closed loop automation. Healthbot building blocks description and troubleshooting guide

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

A cross-platform note-taking & target-tracking app for penetration testers.

A curated list of awesome OSCP resources

Another monitoring application, intentend to be simple to use and extensible.

My collection of nmap NSE scripts

A collection of Ansible roles for automating infosec builds.

Find exploit tool

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Directory Services Internals (DSInternals) PowerShell Module and Framework

Elasticsearch for Offensive Security

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Work in progress...

Ruby on Rails Phishing Framework

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Exploit Pack -The next generation exploit framework

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Self contained htaccess shells and attacks

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Powershell script to setup windows port forwarding using native netsh client

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Wordpress Attack Suite

A collection of manifests that will create pods with elevated privileges.

Forward shell generation framework

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

An awesome resource listing and explaining various commonly used *nix commands

IPv6 attack toolkit

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

A Nmap XSL implementation with Bootstrap.

集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具，使用docker封装运行；使用oneforall自动遍历子域名并扫描；

EternalView is an all in one basic information gathering and vulnerability assessment tool

metasploit中文wiki

MSDAT: Microsoft SQL Database Attacking Tool

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

USB Rubber Ducky type scripts written for the DigiSpark.

foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV

Penetration tests guide based on OWASP including test cases, resources and examples.

Learning Penetration Testing of Android Applications

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Post-Exploitation Framework

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique

SNMP Proxy Forwarder

GUI based offensive penetration testing tool (Open Source)