3029 Open source projects that are alternatives of or similar to Oscp Prep

Next generation web scanner

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Sifter aims to be a fully loaded Op Centre for Pentesters

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

HostHunter a recon tool for discovering hostnames using OSINT techniques.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

swiss army knife for hackers

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

OSINT Tool: Generate username lists for companies on LinkedIn

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Penetration Testing notes, resources and scripts

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Web path scanner

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A high performance offensive security tool for reconnaissance and vulnerability scanning

pentest framework

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

My own OSCP guide

Python 3.5+ DNS asynchronous brute force utility

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Idiomatic nmap library for go developers

An advanced tool for email reconnaissance

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

A curated list of awesome privilege escalation

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Automatically Launch Google Hacking Queries Against A Target Domain

Useful tools and scripts during Penetration Testing engagements

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.

An OSINT tool to gather information about the real owner of a phone number

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Notes for taking the OSCP in 2097. Read in book form on GitBook

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

🔪 Leak git repositories from misconfigured websites

Hacking Toolkit

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Making Favicon.ico based Recon Great again !

Ruby on Rails Phishing Framework

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

Semi-automatic OSINT framework and package manager

A curated list of awesome OSCP resources