1302 Open source projects that are alternatives of or similar to Onelistforall

Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.

A container repository for my public web hacks!

Automated Red Team Infrastructure deployement using Docker

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

my oscp prep collection

OSINT Tool: Generate username lists for companies on LinkedIn

Hacking Toolkit

Linux enumeration tool for pentesting and CTFs with verbosity levels

Awesome Vulnerable Applications

macOS keychain cracking tool

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Micro-framework for rapid development of reusable security tools

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Set of tools to audit SIP based VoIP Systems

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

A simple keylogger for Windows, Linux and Mac

Fast browser-based network discovery module

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

BlackRAT - Java Based Remote Administrator Tool

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Command line tool for testing CRLF injection on a list of domains.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

Fast Modular Web Interfaces Bruteforcer

🔪 Leak git repositories from misconfigured websites

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

📡 A python program to create a fake AP and sniff data.

A collection of various awesome lists for hackers, pentesters and security researchers

Python library and CLI for the Bug Bounty Recon API

Your Google Recon is Now Automated

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

RubberDucky like payloads for DigiSpark Attiny85

A simple dns resolver of dns-record and web-record log server for pentesting

The ultimate WinRM shell for hacking/pentesting

Hawkeye filesystem analysis tool

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Know the dangers of credential reuse attacks.

Automated NoSQL database enumeration and web application exploitation tool.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Study Notes For Web Hacking / Web安全学习笔记

Python network worm that spreads on the local network and gives the attacker control of these machines.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Repositório com conteúdo sobre web hacking em português

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

🔺 Red Team Hardware Toolkit 🔺