753 Open source projects that are alternatives of or similar to Open Redirect Payloads

🔑 ftpknocker is a multi-threaded scanner for finding anonymous FTP servers

NodeJS Red-Team Cheat Sheet

nuclei framework scripts

A script written lazily for generating cross-platform backdoors on the go :)

Nmap and NSE command line wrapper in the style of Metasploit

Quick utility to craft executables for pentesting and managing reverse shells

Cheat-Sheet of tools for penetration testing

🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:

Kali Live Build Scripts

📱 objection - runtime mobile exploration

Fast website scraper and wordlist generator

Tool to automate common OSINT tasks

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Network Pivoting Toolkit

Hacker101 CTF Writeup

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

Automated Pentest Tools Designed For Parrot Linux

locate and attack Lync/Skype for Business

For all your network pentesting needs

Web Pentesting Fuzz 字典,一个就够了。

File upload vulnerability scanner and exploitation tool.

Burp Commander written in Go

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Pentest/BugBounty progress control with scanning modules

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

scripts to setup pentesting system and use during pentest

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

🚀 Fast Port Scanner 🚀

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

Network protocol auditing framework

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

集漏洞验证和任务运行的一个框架

🎯 XML External Entity (XXE) Injection Payload List

🦄🔒 Awesome list of secrets in environment variables 🖥️

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.

Python Script to help/automate the WiFi hacking exercises.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

Dumain Bruteforcer - a fast and flexible domain bruteforcer

A simple dns resolver of dns-record and web-record log server for pentesting

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A simple framework for sending test payloads for known web CVEs.

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

🚀 Takes minutes to explore the topology of all routable /24 prefixes in IPv4 address space. Now supports IPv6 scan!

This repository contains full code examples from the book Gray Hat C#

BloodHound Docker Ready to Use

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

👻 A LAN dropbox chatbot controllable via Telegram

A (partial) Python rewriting of PowerSploit's PowerView

Command line tool that allows you to explore IoT devices by using Shodan API.

Turn your VPS into an attack box

VNC pentest tool with bruteforce and ducky script execution features

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

A bash script for recon and DOS attacks