1522 Open source projects that are alternatives of or similar to Oscp Pentest Methodologies

Web path scanner

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

unix SSH post-exploitation 1337 tool

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

🙃 Reverse Shell Cheat Sheet 🙃

Hacking Toolkit

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Python script wrote to automate the process of generating various reverse shells.

🆕 The Multi-Tool Web Vulnerability Scanner.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

The Last Web Recon Tool You'll Need

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

repo with challenge material for riceteacatpanda (2020)

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

CVE-2016-8610 (SSL Death Alert) PoC

Tool Information Gathering & social engineering Write By [Python,JS,PHP]

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

An HTTP/HTTPS intercept proxy written in Go.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Snoop — инструмент разведки на основе открытых данных (OSINT world)

An evil RAT (Remote Administration Tool) for macOS / OS X.

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Micro-framework for rapid development of reusable security tools

Browse and search through nmap's NSE scripts.

Monitoring your Slack workspaces for sensitive information

Penetration Testing Platform

Post-Exploitation Framework

🚀 Fast Port Scanner 🚀

oscp-ctf is a small collection of basic Bash scripts that make life easier and save time whether you are in the OSCP labs, HackThebox or playing around with CTFs.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Learning Penetration Testing of Android Applications

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Forward shell generation framework

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Don't let buffer overflows overflow your mind

Wireshark Cheat Sheet

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Privilege Escalation Enumeration Script for Windows

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Our OSCP repo: from popping shells to mental health.

Monitor linux processes without root permissions

Passwords Recovery Tool

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Domain name permutation engine written in Go