1382 Open source projects that are alternatives of or similar to Payloads

🛡️ Make your web services secure by default !

FAQ del mundo de la seguridad informática en español.

Damn Vulnerable Web Application Docker container

[unmaintained] Post-exploitation tool

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Explore Indicators of Compromise Automatically

Web app that provides basic navigation and annotation of ATT&CK matrices

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Scripts I use during pentest engagements.

Small tool to package javascript into a valid image file.

📡 A python program to create a fake AP and sniff data.

An OSINT tool to gather information about the real owner of a phone number

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

MSFvenom Payload Creator (MSFPC)

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

🔓 A dynamic dictionary merger for successful dictionary based attacks.

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

A stealthy Python based Windows backdoor that uses Github as a command and control server

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

Python network worm that spreads on the local network and gives the attacker control of these machines.

🪓 a multi-threaded, low-bandwidth HTTP DOS tool

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

macOS FileVault cracking tool

🐳 Full-fledged Android SDK Docker Image

A tool to check a bunch of URLs that contain reflecting params.

Directory Services Internals (DSInternals) PowerShell Module and Framework

备考 OSCP 的各种干货资料/渗透测试干货资料

An application to assist in the organization and prioritization of software security activities.

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Auto IP or Domain Attack Tool ( #1 )

A rust based cross-platform ECU diagnostics and car hacking application, utilizing the passthru protocol

All-in-one tool for managing vulnerability reports from AppSec pipelines

Linux enumeration tool for pentesting and CTFs with verbosity levels

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Bringing you the best of the worst files on the Internet.

The DevSecOps toolset for REST APIs

some pentest scripts & tools by [email protected]

Open source solution to check prospective AD passwords against previously breached passwords

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Multi-thread Twitter BruteForcer in Shell Script

Utilities for working with the Pwned Passwords database from Django.

SMB Relay Attack Script

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Educational, CTF-styled labs for individuals interested in Memory Forensics

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

CTF Cheatsheet

Advanced and easy to use penetration testing framework 💣🔎

A simple Java command-line utility to mirror the CVE JSON data from NIST.

Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS

Fast browser-based network discovery module

Docker images for infosec tools

AutoIt HackTool, Shortcuts .lnk Payloads Generator As LNK-KISSER.

Find exploits in local and online databases instantly

Java web and command line applications demonstrating various security topics