1382 Open source projects that are alternatives of or similar to Payloads

🎯 XML External Entity (XXE) Injection Payload List

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

A list of resources for those interested in getting started in bug bounties

Hacking tools

Collection of quality safety articles. Awesome articles.

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Audit tool to find common vulnerabilities in PHP source code

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

🎯 SQL Injection Payload List

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

A list of payload and bypass lists for penetration testing and red team infrastructure build.

The all-in-one Red Team extension for Web Pentester 🛠

Offensive tools as Dockerfiles. Lightweight & Ready to go

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

A list of useful payloads for Web Application Security and Pentest/CTF

Powerfull XSS Scanning and Parameter analysis tool&gem

Next generation web scanner

pentest framework

🎯 RFI/LFI Payload List

Penetration tests guide based on OWASP including test cases, resources and examples.

Get All Registered Wifi Passwords from Target Computer.

Automated Adversary Emulation Platform

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

cve-2019-0604 SharePoint RCE exploit

Awesome Node.js Security resources

A container repository for my public web hacks!

A super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.

Fast Modular Web Interfaces Bruteforcer

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

🎯 Open Redirect Payload List

An ongoing list of virtual cybersecurity conferences.

Set of tools to audit SIP based VoIP Systems

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Vagrant VirtualBox environment for conducting an internal network penetration test

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

The ultimate WinRM shell for hacking/pentesting

Pop shells like a master.

XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Hooks in to interesting functions and helps reverse the web app faster.

Data leak checker & OSINT Tool

Enine boyuna siber güvenlik

🎯 Server Side Template Injection Payloads

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

XSS'OR - Hack with JavaScript.

Passwords Recovery Tool

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Source code for Hacker101.com - a free online web and mobile security class.

JSshell - JavaScript reverse/remote shell

Python library and CLI for the Bug Bounty Recon API

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0