1044 Open source projects that are alternatives of or similar to Perun

Next generation web scanner

Open source pre-operation C2 server based on python and powershell

my oscp prep collection

Hacking Toolkit

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

SSRF (Server Side Request Forgery) testing resources

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Overlord - Red Teaming Infrastructure Automation

This repository contains full code examples from the book Gray Hat C#

Web-based Source Code Vulnerability Scanner

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A tool to test security of json web token

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Tactics, Techniques, and Procedures

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

RubberDucky like payloads for DigiSpark Attiny85

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

红队综合渗透框架

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

A static binary vulnerability scanner

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Agent scanner for vulners.com

A list to discover work of red team tooling and methodology for penetration testing and security assessment

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Pentesting/Bugbounty Dockerfiles.

Web Recon & Exploitation Tool.

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Remote command execution vulnerability scanner for Log4j.

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

SEC分布式资产扫描系统

Python3 tool to perform password spraying using RDP

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

fireELF - Fileless Linux Malware Framework

A REST API security testing framework.

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

🌒 Shell command obfuscation to avoid detection systems

Network Pivoting Toolkit

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

swiss army knife for hackers

OSINT

Open Redirect Payloads

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

A tool to automate penetration tests

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

hacker, ready for more of our story ! 🚀

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Extract subdomains from SSL certificates in HTTPS sites.

Sifter aims to be a fully loaded Op Centre for Pentesters

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.