657 Open source projects that are alternatives of or similar to Oscprepo

Opening the door, one reverse shell at a time

Collection of the cheat sheets useful for pentesting

备考 OSCP 的各种干货资料/渗透测试干货资料

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A tool to test security of json web token

A collection of resources I'm using while working toward the OSCP

Suggests programs to run against services found during the enumeration phase of a Pentest

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

Notes from OSCP, CTF, security adventures, etc...

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Subdomain enumeration through various techniques

Burp Suite extension to passively scan for applications revealing server error messages

Cheat-Sheet of tools for penetration testing

A Golang implant that uses Slack as a command and control server

🆕 The Multi-Tool Web Vulnerability Scanner.

Burp extension to passively scan for applications revealing software version numbers

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

A collection of various awesome lists for hackers, pentesters and security researchers

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Pop shells like a master.

Bruteforce HTTP Authentication

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

The Collective. A repo for a collection of red-team projects found mostly on Github.

A collection of hacking / penetration testing resources to make you better!

SSRF (Server Side Request Forgery) testing resources

DLL Password Filter Implant with Exfiltration Capabilities

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

🔪 Leak git repositories from misconfigured websites

unix SSH post-exploitation 1337 tool

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

How to prepare for OSCP complete guide

Content for hackingthe.cloud

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

Single Page Cheatsheet for common MSF Venom One Liners

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Hooks in to interesting functions and helps reverse the web app faster.

nray distributed port scanner

Powerful Visual Subdomain Enumeration at the Click of a Mouse

An advanced graphical search engine for Exploit-DB

Detect hidden files and text in images

Script collection to bypass Network Access Control (NAC, 802.1x)

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

Burp Bounty profiles compilation, feel free to contribute!

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Common password pattern generator using strings list

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Our OSCP repo: from popping shells to mental health.

Penetration test Achieve Knowledge Unite Rapid Interface

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python