295 Open source projects that are alternatives of or similar to Nray

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Find exploits in local and online databases instantly

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Generate unicode evil domains for IDN Homograph Attack and detect them.

Fast Modular Web Interfaces Bruteforcer

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

RFD Checker - security CLI tool to test Reflected File Download issues

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Pentest environment deployer (kali linux + targets) using vagrant and chef.

Simple Karma Attack

windows-kernel-exploits Windows平台提权漏洞集合

A fast, simple, recursive content discovery tool written in Rust.

Powerfull XSS Scanning and Parameter analysis tool&gem

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Most usable tools for iOS penetration testing

Bruteforce HTTP Authentication

Automated Red Team Infrastructure deployement using Docker

This challenge is Inon Shkedy's 31 days API Security Tips.

C2/post-exploitation framework

Penetration tests guide based on OWASP including test cases, resources and examples.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Burp Suite extension to passively scan for applications revealing server error messages

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

Apache Solr Injection Research

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Awesome Node.js Security resources

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Quickly analyze and reverse engineer Android packages

Burp extension to passively scan for applications revealing software version numbers

A curated list of awesome privilege escalation

Pop shells like a master.

Sifter aims to be a fully loaded Op Centre for Pentesters

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A fully featured Windows backdoor that uses Gmail as a C&C server

Set of tools to audit SIP based VoIP Systems

SS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/

Chef repository for pentesting tools

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

红蓝对抗跨平台远控工具

CVE-2016-8610 (SSL Death Alert) PoC

Open Redirect Payloads

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

C2Hack, sharing tips and tricks for pentesters

SSRF (Server Side Request Forgery) testing resources

Vulnerability Recurrence:漏洞复现记录

Webshell Manager

Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]

A curated list of awesome OSCP resources