608 Open source projects that are alternatives of or similar to Nmap Nse Info

Generates malicious LNK file payloads for data exfiltration

retrieve information via O365 with a valid cred

Just another script for automatize boolean-based blind SQL injections. (Demo)

parse nmap files

Web Pentesting Fuzz 字典,一个就够了。

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Handbook of information collection for penetration testing and src

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

This repository contains full code examples from the book Gray Hat C#

An automated e-mail OSINT tool

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Micro-framework for rapid development of reusable security tools

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

Phishing Tool & Information Collector

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Evaluate the security of S3 buckets

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Quick utility to craft executables for pentesting and managing reverse shells

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Code from Blackhat Python book

Dradis Framework: Colllaboration and reporting for IT Security teams

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Burp Suite extension to discover assets from HTTP response.

A swiss army knife for pentesting networks

fully automated pentesting tool

Next generation web scanner

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

DNS Sub-domain brute forcer, in Python + gevent

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Fast web fuzzer written in Go

🦄🔒 Awesome list of secrets in environment variables 🖥️

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

Monitor linux processes without root permissions

Credential stuffing engine built for security professionals

MX1014 is a flexible, lightweight and fast port scanner.

A script written lazily for generating cross-platform backdoors on the go :)

Notes for taking the OSCP in 2097. Read in book form on GitBook

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Web hacking framework with tools, exploits by python

Web Content Discovery Tool

fireELF - Fileless Linux Malware Framework

Command line tool that allows you to explore IoT devices by using Shodan API.

红队综合渗透框架

Web Recon & Exploitation Tool.

Automatically Launch Google Hacking Queries Against A Target Domain

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Do some quick reconnaissance on a domain-based web-application

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Reverse proxies cheatsheet

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Repository of my CTF writeups