1522 Open source projects that are alternatives of or similar to Oscp Pentest Methodologies

Red Teaming Tactics and Techniques

JerseyCTF 2021

Writeups for vulnerable machines.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

repo with challenge material for riceteacatpanda (2020)

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

Forward shell generation framework

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Collection of several DDos tools.

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Notes from OSCP, CTF, security adventures, etc...

An HTTP/HTTPS intercept proxy written in Go.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

recon-ng modules for Censys

A platform to develop, run and administer CTF competitions. The online echoCTF.RED platform user interfaces and codebase

Bifrost C2. Open-source post-exploitation using Discord API

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

metasploit-framework 图形界面 / 图形化内网渗透工具

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

The Last Web Recon Tool You'll Need

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Privilege Escalation Enumeration Script for Windows

Pentesting suite for Maltego based on data in a Metasploit database

Exploit pack for pentesters and ethical hackers.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

DEFCON CTF 2017 Stuff of Shit by HITCON

Web hacking framework with tools, exploits by python

internet monitoring osint telegram bot for windows

Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File

A tool to hunt for publicly accessible DigitalOcean Spaces

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

VirusTotal Wanna Be - Now with 100% more Hipster

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

📢 🔒 Exploit farm for attack-defense CTF competitions

Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.

A Tools Session Hijacking And Stealer Local Passcode Telegram Windows

OWASP Honeypot, Automated Deception Framework.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

Single Page Cheatsheet for common MSF Venom One Liners

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Chrome Keylogger Extension | Post Exploitation Tool

How to prepare for OSCP complete guide

PwnableWeb is a suite of web applications for use in information security training.

A sandbox to protect your pwn challenges being pwned in CTF AWD.

An advanced graphical search engine for Exploit-DB

Tool to automate common OSINT tasks

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

A tool to abuse Exchange services

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.