1032 Open source projects that are alternatives of or similar to oscp-omnibus

Opening the door, one reverse shell at a time

🆕 The Multi-Tool Web Vulnerability Scanner.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Don't let buffer overflows overflow your mind

GitBook: OSCP RoadMap

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Get GTFOBins info about a given exploit from the command line

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A curated list of awesome OSCP resources

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Work in progress...

The Collective. A repo for a collection of red-team projects found mostly on Github.

Common password pattern generator using strings list

GUI based offensive penetration testing tool (Open Source)

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Wireshark Cheat Sheet

Find cloud assets that no one wants exposed 🔎 ☁️

🔐 Docker Container for Penetration Testing & Security

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Cameradar hacks its way into RTSP videosurveillance cameras

Automated NoSQL database enumeration and web application exploitation tool.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

A useful list of must-watch talks about CSS

📖 Huge curated collection (archive) of links of Tech, Science, Economics, Politics, Life, Philosophy, Conferences, Videos and much more resources from everyday surfing. ⭐️ Since October 21, 2017.

▒ rice ░░ custom linux config files

A list to discover work of red team tooling and methodology for penetration testing and security assessment

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Work in progress...

unix SSH post-exploitation 1337 tool

my oscp prep collection

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

备考 OSCP 的各种干货资料/渗透测试干货资料

Multi source CVE/exploit parser.

Red Teaming Tactics and Techniques

Turn your VPS into an attack box

This tool provides commandline access for https://www.hackthebox.eu, https://tryhackme.com/ and https://www.vulnhub.com/ machines.

A place where I can create, collect and share tooling, resources and knowledge about information security.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A useful list of must-watch talks about JavaScript

A default credential scanner.

Collection of things made during my OSCP journey

USB Rubber Ducky type scripts written for the DigiSpark.

Leaked pentesting manuals given to Conti ransomware crooks

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Pentest: Subdomains enumeration tool for penetration testers.

Writeups for vulnerable machines.

Useful tools and scripts during Penetration Testing engagements

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

Script to spider a website and find publicly open S3 buckets

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Information Security Library

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Collection of several DDos tools.

PHP shells that work on Linux OS, macOS, and Windows OS.

Hacking, pen-testing, and cyber-security related tools built with Python.

Bash script that automates the enumeration of domains and DNS servers in the active information gathering.