1340 Open source projects that are alternatives of or similar to Penetration Testing Study Notes

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

Automated brute-forcing attack tool.

Android Apps, Roms and Platforms for Pentesting

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

This is the official main repository for the Assimilation project

Bot18 is a high-frequency cryptocurrency trading bot developed by Zenbot creator @carlos8f

TESLA PowerWall 2 Security Shenanigans

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

The iCTF Framework, presented by Shellphish!

Tool to communicate with RPC services and check misconfigurations on NFS shares

Hetty is an HTTP toolkit for security research.

All in One Termux Os..!! (New)

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

Totally Insecure Web Application Project (TIWAP)

Modular personalized dictionary generator.

Web Pentesting Fuzz 字典,一个就够了。

Goca Scanner

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

Full Speed Instagram Cracker

Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.

渗透测试☞经验/思路/总结/想法/笔记

🐙 Cross-document messaging security research tool powered by https://enso.security

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Scan secrets from Continuous Integration Build Logs

secureCodeBox (SCB) - continuous secure delivery out of the box

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

🥀 Search Engine Tookit，URL采集、Favicon哈希值查找真实IP、子域名查找

Ansible playbook roles for security

ParadoxiaRat : Native Windows Remote access Tool.

General stuff for pentesting - password cracking, phishing, automation, Kali, etc.

A cross-platform python based utility for information gathering and penetration testing automation!

Vulnerable software and exploits used for OSCP/OSCE preparation

🎯 XML External Entity (XXE) Injection Payload List

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

Python 3.5+ DNS asynchronous brute force utility

DDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking information. Email scraper: To get all emails related to a webpage IMDB Rating: Easy way to access the movie database. Both .exe(compressed as zip) and .py versions are available in files.

Automated tool for WiFi hacking.

useful pentest note

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Penetration Test Framwork

A Python Tool For google Hacking

No description or website provided.

:.IP webcam penetration test suit.:

Reverse shell manager using tmux and ncat

WordPress pentest tool

个人笔记汇总

Pentest/BugBounty progress control with scanning modules

Go library for credentials recovery

linux-kernel-exploits Linux平台提权漏洞集合

📱 objection - runtime mobile exploration

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

Custom security distro for remote penetration testing

Collection of several DDos tools.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Python API bindings for FireEye Products