994 Open source projects that are alternatives of or similar to Oscp Cheat Sheet

Hacking Toolkit

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Penetration Testing notes, resources and scripts

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Offensive Reverse Shell (Cheat Sheet)

A curated list of awesome privilege escalation

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

🔐 Docker Container for Penetration Testing & Security

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A curated list of awesome OSCP resources

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

备考 OSCP 的各种干货资料/渗透测试干货资料

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Vulnerability Dashboard

CVE-2016-8610 (SSL Death Alert) PoC

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Our OSCP repo: from popping shells to mental health.

Phishing Tool & Information Collector

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

The Collective. A repo for a collection of red-team projects found mostly on Github.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

hydra

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Set of tools to audit SIP based VoIP Systems

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

The all-in-one Red Team extension for Web Pentester 🛠

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Notes for taking the OSCP in 2097. Read in book form on GitBook

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Responsive Command and Control System

Vagrant VirtualBox environment for conducting an internal network penetration test

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Linux enumeration tool for pentesting and CTFs with verbosity levels

my oscp prep collection

A backdoor with a multitude of features.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

SSRF (Server Side Request Forgery) testing resources

Fast Modular Web Interfaces Bruteforcer

Red Teaming Tactics and Techniques

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

A Cloudflare resolver that works

A wrapper for Nmap to quickly run network scans

The ultimate WinRM shell for hacking/pentesting

Intelligence and Reconnaissance Package/Bundle installer.

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

A place where I can create, collect and share tooling, resources and knowledge about information security.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.