994 Open source projects that are alternatives of or similar to Oscp Cheat Sheet

Generate Payloads and Control Remote Machines. [Discontinued]

A toolkit for Security Researchers

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Hooks in to interesting functions and helps reverse the web app faster.

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

A Python library and command line tools to provide interactive log visualization.

Rockyou for web fuzzing

black hat python

Enine boyuna siber güvenlik

Vulnerability Recurrence:漏洞复现记录

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

The iOS Security Testing Framework

Monitor linux processes without root permissions

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Search Exploitable Software on Linux

The bot for the Cyber Discovery Community Discord Server!

❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

RFD Checker - security CLI tool to test Reflected File Download issues

A collection of useful scripts for Cobalt Strike

WhiteWinterWolf's PHP web shell

💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.

Collection of the cheat sheets useful for pentesting

Simple Karma Attack

Let's track phishing kits to give to research community raw material to study !

Python network tool, similar to Netcat with custom features.

Micro-framework for rapid development of reusable security tools

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Asynchronous Python implementation of SlowLoris DoS attack

Inject malicious code into *.debs

pentest framework

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.

Simple Server Side Request Forgery services enumeration tool.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

This challenge is Inon Shkedy's 31 days API Security Tips.

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Unified Cybersecurity Ontology

GUI based offensive penetration testing tool (Open Source)

OWASP Honeypot, Automated Deception Framework.

An automated e-mail OSINT tool

A Phishing Dropper designed to Pentest.

Як не стати кібер-жертвою

EmbedOS - Embedded security testing virtual machine

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

用cel-go重现了长亭xray的poc检测功能的轮子

DNS Sub-domain brute forcer, in Python + gevent

Discover internet-wide misconfigurations while drinking coffee

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

For all your network pentesting needs

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Multiplatform payload dropper

Custom memory allocator that helps discover reads from uninitialized memory