713 Open source projects that are alternatives of or similar to Mssqli Duet

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Scripts I use during pentest engagements.

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Rich SQL client for Postgresql, MySQL, MS SQL, Amazon Redshift, Google Firebase (Firestore)

Learning Penetration Testing of Android Applications

A portable console aimed at making pentesting with PowerShell a little easier.

AD Security Intrusion Detection System

A curated list of awesome OSCP resources

Discover Your Attack Surface!

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Here you can get full exploit for SAP NetWeaver AS JAVA

This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)

Open-Source Security Architecture | 开源安全架构

Simple and Powerful ORM for Go, support mysql,postgres,tidb,sqlite3,mssql,oracle, Moved to https://gitea.com/xorm/xorm

dbt adapter for SQL Server and Azure SQL

PingCastle - Get Active Directory Security at 80% in 20% of the time

Detect hidden files and text in images

Starter kit to quickly create ASP.NET Core with On-Premises Active Directory Authentication.

RedSnarf is a pen-testing / red-teaming tool for Windows environments

LDAP auth plugin for verdaccio

🆕 The Multi-Tool Web Vulnerability Scanner.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Penetration Testing Platform

Store history data in SQL Database: MySQL, PostgreSQL or SQLite

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

ASP.NET Core CMS

Automated Penetration Testing Framework

Database management for VSCode

🎯 SQL Injection Payload List

Work in progress...

Post-Exploitation Framework

burpsuite extension for check and extract sensitive request parameter

InQL - A Burp Extension for GraphQL Security Testing

🐶 A curated list of Web Security materials and resources.

一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

Self contained htaccess shells and attacks

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Advanced reconnaissance utility

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

An easy-to-use and promise-based multi SQL dialects ORM tool for Node.js

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Python Books for Security

GoRose(go orm), a mini database ORM for golang, which inspired by the famous php framwork laravle's eloquent. It will be friendly for php developer and python or ruby developer. Currently provides six major database drivers: mysql,sqlite3,postgres,oracle,mssql, Clickhouse.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

The DNN Azure Active Directory Provider is an Authentication provider for DNN Platform (formerly DotNetNuke) that uses Azure Active Directory OAuth2 authentication to authenticate users.

Gorsair hacks its way into remote docker containers that expose their APIs

Web path scanner

An HTTP/HTTPS intercept proxy written in Go.

IPv6 attack toolkit

A cross-platform note-taking & target-tracking app for penetration testers.

Awesome PHP Security Resources 🕶🐘🔐