370 Open source projects that are alternatives of or similar to Offensive-Security-Cayuqueo

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Bash script that automates the enumeration of domains and DNS servers in the active information gathering.

Quick SQL Scanner, Dorker, Webshell injector PHP

Collection of several DDos tools.

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

A dictionary attack tool for PostgreSQL and MSSQL

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

WordPress pentest tool

Automated Pentest Tools Designed For Parrot Linux

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

A simple, extensible C&C beaconing system.

pentest toolbox

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

PENIOT: Penetration Testing Tool for IoT

Collect email addresses by crawling search engine results.

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Boxer: A fast directory bruteforce tool written in Python with concurrency.

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

Work in progress...

:.IP webcam penetration test suit.:

Automated Web Recon Shell Scripts

brute force SSH public-key authentication

Cheat-Sheet of tools for penetration testing

Go library for credentials recovery

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

pure python remote adb scanner + nmap scan module

Obtain GraphQL API Schema even if the introspection is not enabled

Tools used for Penetration testing / Red Teaming

JSON RSA to HMAC and None Algorithm Vulnerability POC

GoPhish Templates that I have retired and/or templates I've recreated.

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

Multi source CVE/exploit parser.

recon-ng modules for Censys

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Totally Insecure Web Application Project (TIWAP)

Pentest: Subdomains enumeration tool for penetration testers.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.

Notes from OSCP, CTF, security adventures, etc...

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

This Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.

General stuff for pentesting - password cracking, phishing, automation, Kali, etc.

Script to spider a website and find publicly open S3 buckets

A friendly Toolkit for Beginner CTF players

My last 10 year's material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much more.

Search Google and download specific file types

Penetration Test Framwork

Opening the door, one reverse shell at a time