650 Open source projects that are alternatives of or similar to PandorasBox

recon-ng modules for Censys

A wrapper for Nmap to quickly run network scans

Pentesting/Bugbounty Dockerfiles.

Wireshark Cheat Sheet

PENIOT: Penetration Testing Tool for IoT

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

Выпускная квалификационная работа (ВКР) магистра в LaTeX, оформленная в соответствии с нормоконтролем Севастопольского государственного университета в 2017 г.

This document proposes a way of standardising the structure, language, and grammar used in security policies.

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Penetration test Achieve Knowledge Unite Rapid Interface

🦄🔒 Awesome list of secrets in environment variables 🖥️

GUI based offensive penetration testing tool (Open Source)

Tool to bypass 40X response codes.

A Tools Session Hijacking And Stealer Local Passcode Telegram Windows

List of Bluetooth BR/EDR/LE security resources

A collection of personal scripts used in hacking excercises.

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Awesome hacking is an awesome collection of hacking tools.

Nuubi Tools (Information-ghatering|Scanner|Recon.)

🔄 A collection of mitmproxy inline scripts

unix SSH post-exploitation 1337 tool

The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.

my oscp prep collection

A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.

Common password pattern generator using strings list

This script will you help to find the information about the website and to help in penetrating testing

A collection of public offensive and defensive security related scripts for InfoSec students.

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

A collection of Ansible roles for automating infosec builds.

VOIP Security Audit Framework

SSH man-in-the-middle tool

AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Information Security Library

GitBook: OSCP RoadMap

Para pencari bug / celah kemanan bisa bergabung.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Bash script that automates the enumeration of domains and DNS servers in the active information gathering.

The Collective. A repo for a collection of red-team projects found mostly on Github.

Oracle Database Penetration Testing Reference (10g/11g)

🔪 Leak git repositories from misconfigured websites

Cheat-Sheet of tools for penetration testing

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Detect hidden files and text in images

Find endpoints on GitHub.

Infection vector that bypasses AV, IDS, and IPS. (For now...)

The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

JSON RSA to HMAC and None Algorithm Vulnerability POC

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Rubyfu, where Ruby goes evil!

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

Astra is a tool to find URLs and secrets inside a webpage/files

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

Cameradar hacks its way into RTSP videosurveillance cameras