609 Open source projects that are alternatives of or similar to Oscp

My proof-of-concept exploits for the Linux kernel

My documentation and tools for learn ethical hacking.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Suggests programs to run against services found during the enumeration phase of a Pentest

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A curated list of awesome privilege escalation

A collection of resources I'm using while working toward the OSCP

my oscp prep collection

Vulnerable software and exploits used for OSCP/OSCE preparation

Search for Unix binaries that can be exploited to bypass system security restrictions.

A collection of links related to Linux kernel security and exploitation

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

A collection of hacking / penetration testing resources to make you better!

Python Powered Repository

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Brahma - Privilege elevation exploit for Nintendo 3DS

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

Linux enumeration tool for pentesting and CTFs with verbosity levels

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

Collection of different exploits

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Hypervisor Memory Introspection Core Library

Modified template for the OSCP Exam and Labs. Used during my passing attempt

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

CVE-2018-8120 Windows LPE exploit

My collection of Python Programs

@skalavala 👍 Nothing But Smarthome Stuff! - By Mahasri Kalavala

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Tanel Poder's Troubleshooting & Performance Tools for Oracle Databases

Windows Privilege Escalation Techniques and Scripts

Blueborne CVE-2017-0785 Android information leak vulnerability

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

OWASP Joomla Vulnerability Scanner Project

windows-kernel-exploits Windows平台提权漏洞集合

Notes for taking the OSCP in 2097. Read in book form on GitBook

My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

hack tools

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

A tool to help you write binary exploits

Framework to test any Anti-Cheat

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Cloak can backdoor any python script with some tricks.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.

Detect deauthentication frames using an ESP8266

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

USB Rubber Ducky type scripts written for the DigiSpark.

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI

Discovering vulnerabilities in firmware through concolic analysis and function clustering.

This repository contains several applications, demonstrating the Meltdown bug.

Proofs-of-concept

linux-kernel-exploits Linux平台提权漏洞集合

Various kernel exploits

An IDA Pro plugin to examine the glibc heap, focused on exploit development

Automated Mass Exploiter