1522 Open source projects that are alternatives of or similar to Oscp Pentest Methodologies

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A tool to test security of json web token

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Attack Surface Management Platform | Sn1perSecurity LLC

Offensive Reverse Shell (Cheat Sheet)

Venom - A Multi-hop Proxy for Penetration Testers

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

🔐 Docker Container for Penetration Testing & Security

The Collective. A repo for a collection of red-team projects found mostly on Github.

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Yet Another PHP Shell - The most complete PHP reverse shell

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

unix SSH post-exploitation 1337 tool

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Awesome cloud enumerator

my oscp prep collection

👻Impost3r -- A linux password thief

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

Steganography brute-force utility to uncover hidden data inside files

Powerful Visual Subdomain Enumeration at the Click of a Mouse

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Sifter aims to be a fully loaded Op Centre for Pentesters

Penetration Testing notes, resources and scripts

Get GTFOBins info about a given exploit from the command line

Web path scanner

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Functions that can be used to gain Reverse Shells with PowerShell

Search for Unix binaries that can be exploited to bypass system security restrictions.

Automation for internal Windows Penetrationtest / AD-Security

🔑 Hash type identifier (CLI & lib)

Network Pivoting Toolkit

A tool to automate penetration tests

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Red Teaming Tactics and Techniques

🙃 Reverse Shell Cheat Sheet 🙃

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

A curated list of awesome privilege escalation

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Hacking Toolkit

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

hydra

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

A wrapper for Nmap to quickly run network scans

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

A curated list of awesome OSCP resources

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

A list to discover work of red team tooling and methodology for penetration testing and security assessment

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

A place where I can create, collect and share tooling, resources and knowledge about information security.

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

The LAZY script will make your life easier, and of course faster.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️