546 Open source projects that are alternatives of or similar to Pentmenu

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

This repo will contain some basic pentest/RT commands.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

🔨 A modern multiple reverse shell sessions manager wrote in go

🔪 Leak git repositories from misconfigured websites

A collection of useful scripts for Cobalt Strike

Fast browser-based network discovery module

Go-deliver is a payload delivery tool coded in Go.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

🦄🔒 Awesome list of secrets in environment variables 🖥️

Python 3.5+ DNS asynchronous brute force utility

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

DNS Rebinding Exploitation Framework

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Empire HTTP(S) C2 redirector setup script

The Shadow Attack Framework

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

The all-in-one Red Team extension for Web Pentester 🛠

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Share of my Huge Collection of Cheatsheet (Coding, Cheat, Pinouts, Command Lists, Etc.)

The Collective. A repo for a collection of red-team projects found mostly on Github.

Wiki to collect Red Team infrastructure hardening resources

Linux Rootkits (4.x Kernel)

Cobalt is a FreeDOS distribution designed to be light, simple and easy to use.

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

A fully automatic wifi deauther coded in Python

PowerShell SOCKS proxy with reverse proxy capabilities

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

The Reconstruction of ZZT

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

A pentesting tool inspired by mr robot and derived by zphisher

locate and attack Lync/Skype for Business

Just another script for automatize boolean-based blind SQL injections. (Demo)

Jam all wifi clients/routers.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Selenium powered Python script to automate searching for vulnerable web apps.

Template-Driven AV/EDR Evasion Framework

Quick utility to craft executables for pentesting and managing reverse shells

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).

C++20 development framework for 32-bit DOS applications

SIP-Based Audit and Attack Tool

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

Port scanning and domain utility.

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

tcp connection hijacker, rust rewrite of shijack

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Awesome cloud enumerator

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Command line tool that allows you to explore IoT devices by using Shodan API.

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Malleable C2 profiles for Cobalt Strike