738 Open source projects that are alternatives of or similar to Msploitego

SSRF (Server Side Request Forgery) testing resources

Awesome hacking is an awesome collection of hacking tools.

my oscp prep collection

NetXMS - Open Source network and infrastructure monitoring and management

A portable console aimed at making pentesting with PowerShell a little easier.

NetCat for Windows

SNMP MIB parser

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Top 100 Hacking & Security E-Books (Free Download)

Exploit Pack -The next generation exploit framework

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

A Modular Penetration Testing Framework

Self contained htaccess shells and attacks

Reverse Shell Cheat Sheet TooL

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Fatrat -A cloud based Remote Android Managment Suite, Powered by NodeJS

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Powershell script to setup windows port forwarding using native netsh client

SNMP library in ruby (v1, v2c, v3)

Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Stækka Metasploit - Extenting Metasploit

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

An awesome resource listing and explaining various commonly used *nix commands

Eternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010

Set of Icinga/Nagios plugins to check hosts and hardware with the SNMP protocol.

Useful tools and scripts during Penetration Testing engagements

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

IPv6 attack toolkit

MX1014 is a flexible, lightweight and fast port scanner.

A tool for integrating the Metasploit payload with Android's healthy programs and bypassing antivirus

Penetration Testing notes, resources and scripts

Command line tool that allows you to explore IoT devices by using Shodan API.

A Nmap XSL implementation with Bootstrap.

Web App Pen Tester (Web Interface)

集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具，使用docker封装运行；使用oneforall自动遍历子域名并扫描；

Oracle Database Penetration Testing Reference (10g/11g)

Wordpress Attack Suite

EternalView is an all in one basic information gathering and vulnerability assessment tool

A shot-for-shot remake of the Google Login Page.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Hide your payload into .jpg file

Discover Your Attack Surface!

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

USB Rubber Ducky type scripts written for the DigiSpark.

My notes on PentesterLab's Bootcamp series 🕵️

foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Icingaweb2 module for receiving and handling snmp traps

Cooolis-ms是一个包含了Metasploit Payload Loader、Cobalt Strike External C2 Loader、Reflective DLL injection的代码执行工具，它的定位在于能够在静态查杀上规避一些我们将要执行且含有特征的代码，帮助红队人员更方便快捷的从Web容器环境切换到C2环境进一步进行工作。

😇 A Powershell exploit service that opens a reverse http connection via meterpreter

Dradis Framework: Colllaboration and reporting for IT Security teams

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.