695 Open source projects that are alternatives of or similar to Nullinux

List of every possible vulnerabilities in computer security.

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A backdoor with a multitude of features.

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Hetty is an HTTP toolkit for security research.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Summary of online learning materials

🔑 Hash type identifier (CLI & lib)

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

RECON learn: a free, open platform for training material on epidemics analysis

Simple and fast implementation of enumerations with native PHP

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Botnet targeting Windows machines written entirely in Python & open source security project.

Everything needed for doing CTFs

a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

Maryam: Open-source Intelligence(OSINT) Framework

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Bash script for CTF automating basic enumeration

Multi OTP Spam Amp/Paralell threads

[POC] Asynchronous reverse shell using the HTTP protocol.

This repository contains full code examples from the book Gray Hat C#

Script for Local Windows Enumeration

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Steganography brute-force utility to uncover hidden data inside files

Find emails of Github users

This repository created for personal use and added tools from my latest blog post.

Tool to communicate with RPC services and check misconfigurations on NFS shares

Tool Information Gathering Write By Python.

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Infosec Wordlists

goverview - Get an overview of the list of URLs

Passwords Recovery Tool

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Python network tool, similar to Netcat with custom features.

A MongoDB importer and API for Project Sonars DNS datasets

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..

Tool to automate recon

Elixir wrapper for Recon, tools to diagnose Erlang VM safely in production

Nuubi Tools (Information-ghatering|Scanner|Recon.)

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Go library for credentials recovery

WhiteWinterWolf's PHP web shell

./kumasia php simple backdoor

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

Fast web fuzzer written in Go

A framework for Backdoor development!

Generates combination of domain names from the provided input.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

wifi attacks suite

Unleash the power of cloud

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Search gtfobins and lolbas files from your terminal