980 Open source projects that are alternatives of or similar to Passcat

No description or website provided.

Python AV Evasion Tools

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

A tool to test security of json web token

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Hashtopolis - A Hashcat wrapper for distributed hashcracking

Yet Another PHP Shell - The most complete PHP reverse shell

Use envy to manage environment variables with your OS keychain

Detect secrets in your request/response using secretlint.

Selenium powered Python script to automate searching for vulnerable web apps.

Collection of quality safety articles. Awesome articles.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

generates weak passwords based on current date

A fast DOM based XSS vulnerability scanner with simplicity.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

This repository contains full code examples from the book Gray Hat C#

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

cobaltstrike ms17-010 module and some other

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A curated list of awesome privilege escalation

Open Redirect Payloads

fireELF - Fileless Linux Malware Framework

Automatically Launch Google Hacking Queries Against A Target Domain

Open source pre-operation C2 server based on python and powershell

Webshell Manager

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

👻Stowaway -- Multi-hop Proxy Tool for pentesters

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Program to reverse Docker images into Dockerfiles

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A curated list of awesome OSCP resources

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

CVE-2016-8610 (SSL Death Alert) PoC

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Venom - A Multi-hop Proxy for Penetration Testers

Script collection to bypass Network Access Control (NAC, 802.1x)

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Python3 script to parse txt files containing Mimikatz output

Tool to migrate AWX to a new instance

DeepSea Phishing Gear

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Vagrant VirtualBox environment for conducting an internal network penetration test

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Penetration Testing notes, resources and scripts

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Fast Modular Web Interfaces Bruteforcer

DLL Password Filter Implant with Exfiltration Capabilities

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.