1321 Open source projects that are alternatives of or similar to Offensive Docker

Automated Red Team Infrastructure deployement using Docker

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Vagrant VirtualBox environment for conducting an internal network penetration test

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

Set of tools to audit SIP based VoIP Systems

OSINT

A simple dns resolver of dns-record and web-record log server for pentesting

Know the dangers of credential reuse attacks.

Study Notes For Web Hacking / Web安全学习笔记

Automated NoSQL database enumeration and web application exploitation tool.

scan for NTLM directories

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Offensive tools as Dockerfiles. Lightweight & Ready to go

A tool to automate penetration tests

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

🔺 Red Team Hardware Toolkit 🔺

RubberDucky like payloads for DigiSpark Attiny85

Python library and CLI for the Bug Bounty Recon API

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Extract subdomains from SSL certificates in HTTPS sites.

Free advanced and modern Windows botnet with a nice and secure PHP panel.

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Awesome Vulnerable Applications

A high performance offensive security tool for reconnaissance and vulnerability scanning

The all-in-one Red Team extension for Web Pentester 🛠

Personal CTF Toolkit

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Hacker101 CTF Writeup

An automated e-mail OSINT tool

Hetty is an HTTP toolkit for security research.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

retrieve information via O365 with a valid cred

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

This is a multi-use bash script for Linux systems to audit wireless networks.

locate and attack Lync/Skype for Business

Cameradar hacks its way into RTSP videosurveillance cameras

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.