154 Open source projects that are alternatives of or similar to Open Redirect Payload List

🎯 RFI/LFI Payload List

🎯 Server Side Template Injection Payloads

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

🎯 SQL Injection Payload List

🎯 XML External Entity (XXE) Injection Payload List

Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.

Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.

Git All the Payloads! A collection of web attack payloads.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

The purpose of this tool is to test the window10 defender protection and also other antivirus protection.

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Penetration tests guide based on OWASP including test cases, resources and examples.

Python Remote Administration Tool (RAT)

🔠 Tool for generation samples based on OpenAPI(fka Swagger) payload/response schema

Undetectable Windows Payload Generation

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

A polyglot payload generator

🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.

China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关

Metasploit Cheat Sheet 💣

▲ Web services for JavaScript, Angular.js, React.js, Vue.js, Meteor.js, Node.js, and other JavaScript-based websites, web apps, single page applications (SPA), and progressive web applications (PWA). Our services: Pre-rendering, Monitoring, Web Analytics, WebSec, and Web-CRON

Exploit Discord's cache system to remote upload payloads on Discord users machines

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

A Undetectable Payload Generation

ARCANUS is a customized payload generator/handler.

Python antivirus evasion tool

A container repository for my public web hacks!

Hide your payload into .jpg file

An Advanced Tool For Complete Apk-Modding In Termux ...

Fast and lightweight yet another UEFI implementation

OpenSSL对称算法、哈希校验、非对称算法、证书管理、SSL安全

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

AutoIt HackTool, Shortcuts .lnk Payloads Generator As LNK-KISSER.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

RubberDucky like payloads for DigiSpark Attiny85

checksum-reproducible tar archives (utility/library)

SMB Relay Attack Script

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Generates malicious LNK file payloads for data exfiltration

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

A tool to test security of json web token

Remote exploitation framework written in Python

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

An HTTP/HTTPS intercept proxy written in Go.

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

The all-in-one Red Team extension for Web Pentester 🛠

备考 OSCP 的各种干货资料/渗透测试干货资料

Powerful Visual Subdomain Enumeration at the Click of a Mouse

SSTI Payload Generator

Semantic Java API Library for NEM Platform

Modern Web Firewall: stop account takeovers, weak passwords, cloud IPs, DoS attacks, disposable emails