980 Open source projects that are alternatives of or similar to Passcat

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

mXtract - Memory Extractor & Analyzer

A curated list of awesome OSCP resources

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Venom - A Multi-hop Proxy for Penetration Testers

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

AWS Secrets Manager Credentials Provider for Jenkins

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Script collection to bypass Network Access Control (NAC, 802.1x)

CVE-2016-8610 (SSL Death Alert) PoC

Fast Modular Web Interfaces Bruteforcer

DeepSea Phishing Gear

Collection of quality safety articles. Awesome articles.

🚀 Fast Port Scanner 🚀

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Set of tools to audit SIP based VoIP Systems

SSRF (Server Side Request Forgery) testing resources

Program to reverse Docker images into Dockerfiles

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Hacking Toolkit

A wrapper for Nmap to quickly run network scans

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

A Hashcat wrapper for distributed hashcracking

A web front-end for password cracking and analytics

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

A set of recipes useful in pentesting and red teaming scenarios

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

mosquito - Automating reconnaissance and brute force attacks

Automation for internal Windows Penetrationtest / AD-Security

Webshell Manager

Python3 script to parse txt files containing Mimikatz output

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

DLL Password Filter Implant with Exfiltration Capabilities

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Tool to migrate AWX to a new instance

Know the dangers of credential reuse attacks.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

A Cloudflare resolver that works

Red Teaming Tactics and Techniques

A tool to test security of json web token

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

hydra

The Collective. A repo for a collection of red-team projects found mostly on Github.