3029 Open source projects that are alternatives of or similar to Oscp Prep

Fast Modular Web Interfaces Bruteforcer

List of every possible vulnerabilities in computer security.

Hacker101 CTF Writeup

A MongoDB importer and API for Project Sonars DNS datasets

A collection of android Exploits and Hacks

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

OneForAll是一款功能强大的子域收集工具

Email recon made fast and easy, with a framework to build on

A tool to automate penetration tests

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡

Infection vector that bypasses AV, IDS, and IPS. (For now...)

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Dark Web OSINT Tool

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Maryam: Open-source Intelligence(OSINT) Framework

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Our OSCP repo: from popping shells to mental health.

Securing MEAN Stack (Angular 5) Web Application using Passport Authentication

Simple multi threaded tool to extract domain related data from commoncrawl.org

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

Extract endpoints from APK files

Steganography brute-force utility to uncover hidden data inside files

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

a recon tool that allows searching on URLs that are exposed via shortener services

Notes about attacking Jenkins servers

hacker, ready for more of our story ! 🚀

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Using open Adb ports we can exploit a Andriod Device

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Reverse Shell as a Service

A collection of public offensive and defensive security related scripts for InfoSec students.

Fast browser-based network discovery module

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

All MITM attacks in one place.

Automated network asset, email, and social media profile discovery and cataloguing.

Attack Surface Management Platform | Sn1perSecurity LLC

hack tools

Snoop — инструмент разведки на основе открытых данных (OSINT world)

An HTTP/HTTPS intercept proxy written in Go.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Auto Scanning to SSL Vulnerability

hydra

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

⚡️An awesome list of the best Termux hacking tools

Generates malicious LNK file payloads for data exfiltration

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

DNS Sub-domain brute forcer, in Python + gevent

Scripts I use during pentest engagements.

Discover Your Attack Surface!

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC