3029 Open source projects that are alternatives of or similar to Oscp Prep

NSA Hacking Tool Recreation UnitedRake

Burp extension to decode NTLM SSP headers and extract domain/host information

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Reverse proxies cheatsheet

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Self contained htaccess shells and attacks

A Tool for Domain Flyovers

My notebook for OSCP Lab

List of every possible vulnerabilities in computer security.

Advanced Web Shell

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Collection of things made during my OSCP journey

GitBook: OSCP RoadMap

Selenium powered Python script to automate searching for vulnerable web apps.

Port scanning and domain utility.

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

An automated target reconnaissance pipeline.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Email recon made fast and easy, with a framework to build on

Fast Modular Web Interfaces Bruteforcer

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡

Dark Web OSINT Tool

Scripts I use during pentest engagements.

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

👻 A LAN dropbox chatbot controllable via Telegram

Infection vector that bypasses AV, IDS, and IPS. (For now...)

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Securing MEAN Stack (Angular 5) Web Application using Passport Authentication

被动式漏洞扫描系统

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

a recon tool that allows searching on URLs that are exposed via shortener services

Simple multi threaded tool to extract domain related data from commoncrawl.org

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

A OSINT tool to obtain a target's phone number just by having his email address

🤖 The Modern Port Scanner 🤖

Maryam: Open-source Intelligence(OSINT) Framework

Our OSCP repo: from popping shells to mental health.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Using open Adb ports we can exploit a Andriod Device

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

An HTTP/HTTPS intercept proxy written in Go.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)