994 Open source projects that are alternatives of or similar to Oscp Cheat Sheet

Data leak checker & OSINT Tool

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

🔑 Hash type identifier (CLI & lib)

Awesome Node.js Security resources

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

my oscp prep collection

Intelligence and Reconnaissance Package/Bundle installer.

WireBug is a toolset for Voice-over-IP penetration testing

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Repository of my CTF writeups

Linux enumeration tool for pentesting and CTFs with verbosity levels

Selenium powered Python script to automate searching for vulnerable web apps.

This repo will contain some basic pentest/RT commands.

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Extract subdomains from SSL certificates in HTTPS sites.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

My own OSCP guide

Set of tools to audit SIP based VoIP Systems

SSRF (Server Side Request Forgery) testing resources

Red Teaming Tactics and Techniques

Sifter aims to be a fully loaded Op Centre for Pentesters

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Quickly analyze and reverse engineer Android packages

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Notes for taking the OSCP in 2097. Read in book form on GitBook

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

A tool to test security of json web token

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

A backdoor with a multitude of features.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

CVE-2016-8610 (SSL Death Alert) PoC

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Vulnerability Dashboard

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

Attack Surface Management Platform | Sn1perSecurity LLC

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A wrapper for Nmap to quickly run network scans

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

A Cloudflare resolver that works

The ultimate WinRM shell for hacking/pentesting

A place where I can create, collect and share tooling, resources and knowledge about information security.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Implement WSUSpendu attack

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

A unified console to perform the "kill chain" stages of attacks.

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

A high performance offensive security tool for reconnaissance and vulnerability scanning