1805 Open source projects that are alternatives of or similar to Phishing Frenzy

Automated NoSQL database enumeration and web application exploitation tool.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Command line tool that allows you to explore IoT devices by using Shodan API.

Know the dangers of credential reuse attacks.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

A high performance offensive security tool for reconnaissance and vulnerability scanning

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

ANDRAX The first and unique Penetration Testing platform for Android smartphones

Top 100 Hacking & Security E-Books (Free Download)

An automated e-mail OSINT tool

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

Web Application Security Scanner Framework

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

retrieve information via O365 with a valid cred

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Fully automated offensive security framework for reconnaissance and vulnerability scanning

List of every possible vulnerabilities in computer security.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

The New Hacking Framework

locate and attack Lync/Skype for Business

Yet Another PHP Shell - The most complete PHP reverse shell

Awesome cloud enumerator

Mercure is a tool for security managers who want to train their colleague to phishing.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Don't let buffer overflows overflow your mind

Everything needed for doing CTFs

Hacker101 CTF Writeup

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

This is a multi-use bash script for Linux systems to audit wireless networks.

Tool Information Gathering Write By Python.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

👻 A LAN dropbox chatbot controllable via Telegram

A list of web application security

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

swiss army knife for hackers

OSINT

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

network reconnaissance toolkit

🤖 The Modern Port Scanner 🤖

Free Security and Hacking eBooks

A tool to automate penetration tests

My own OSCP guide

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Advanced Web Shell

Extract endpoints from APK files

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A curated list of awesome privilege escalation

Sifter aims to be a fully loaded Op Centre for Pentesters

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

DNS Rebinding Exploitation Framework

Quickly analyze and reverse engineer Android packages