2942 Open source projects that are alternatives of or similar to Pentesting_toolkit

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Advanced and easy to use penetration testing framework 💣🔎

Useful CTF Tools

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Exploit Development, Reverse Engineering & Cryptography

A collection of hacking / penetration testing resources to make you better!

Decode All Bases - Base Scheme Decoder

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

CTF竞赛权威指南

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

📚 VoidHack CTF write-ups

Cameradar hacks its way into RTSP videosurveillance cameras

Awesome cloud enumerator

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

The Swiss Army knife for automated Web Application Testing

Idiomatic nmap library for go developers

Micro-framework for rapid development of reusable security tools

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

备考 OSCP 的各种干货资料/渗透测试干货资料

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

📡 A python program to create a fake AP and sniff data.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Steganography brute-force utility to uncover hidden data inside files

Extract endpoints from APK files

Bramble is a hacking Open source suite.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Hawkeye filesystem analysis tool

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Awesome Node.js Security resources

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Writeups for infosec Capture the Flag events by team Galaxians

A list of web application security

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Sifter aims to be a fully loaded Op Centre for Pentesters

OSINT

Useful tools and scripts during Penetration Testing engagements

A framework for Backdoor development!

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Quickly analyze and reverse engineer Android packages

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

A curated list of awesome privilege escalation

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

Web path scanner

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python