471 Open source projects that are alternatives of or similar to Novahot

the only php webshell you need.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

a very very fast brute force webshell password tool

Scripts I use during pentest engagements.

PowerShell payload generator

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Browser extension that uses intelligence to combat malicious websites by blocking them in real-time.

🆕 The Multi-Tool Web Vulnerability Scanner.

Microsoft Azure Exploitation Framework

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Kali image with kali-linux-full metapackage installed, build every night.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Automated Pentest Tools Designed For Parrot Linux

Content for hackingthe.cloud

AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Gorsair hacks its way into remote docker containers that expose their APIs

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

IPv6 attack toolkit

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Ruby on Rails Phishing Framework

A friendly Toolkit for Beginner CTF players

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.

USB Rubber Ducky type scripts written for the DigiSpark.

Command line tool that allows you to explore IoT devices by using Shodan API.

DotDotPwn - The Directory Traversal Fuzzer

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

Infection Monkey - An automated pentest tool

My last 10 year's material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much more.

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Rubyfu, where Ruby goes evil!

Common Web Managers Fuzz Wordlists

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Cameradar hacks its way into RTSP videosurveillance cameras

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

⚡️An awesome list of the best Termux hacking tools

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

The New Hacking Framework

A Modular Penetration Testing Framework

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Notes from OSCP, CTF, security adventures, etc...

my oscp prep collection

NetCat for Windows

Vagrant VirtualBox environment for conducting an internal network penetration test

Penetration Testing notes, resources and scripts

Host Header Injection Checker

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Common password pattern generator using strings list

Hakku Framework penetration testing

Exploits and Security Tools Framework 2.0.1

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Web Application Security Scanner Framework

Security tool to quickly audit Public Box files and folders.

link is a command and control framework written in rust