789 Open source projects that are alternatives of or similar to Poc

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.

👻 A LAN dropbox chatbot controllable via Telegram

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

Apache Tomcat auto WAR deployment & pwning penetration testing tool.

Chromepass - Hacking Chrome Saved Passwords

Next generation web scanner

Information Gathering tool for a Website or IP address

My own OSCP guide

Exploits and Security Tools Framework 2.0.1

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

The iCTF Framework, presented by Shellphish!

🤖 The Modern Port Scanner 🤖

Tool to generate smart and powerful wordlists

个人笔记汇总

Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

OSINT

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Free Security and Hacking eBooks

Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..

This is a multi-use bash script for Linux systems to audit wireless networks.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Free advanced and modern Windows botnet with a nice and secure PHP panel.

network reconnaissance toolkit

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Web Application Security Scanner Framework

Top 100 Hacking & Security E-Books (Free Download)

NXcrypt - 'python backdoor' framework

ATT&CK实操

☎️ Original open source call flooder using Twilio's API.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Read and write process memory in Node.js (Windows API functions exposed via Node bindings)

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Get PROXY List that gets updated everyday

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Awesome cloud enumerator

OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.

平常看到好的渗透hacking工具和多领域效率工具的集合

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

Quine Museum

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Declarative penetration testing orchestration framework

Mercure is a tool for security managers who want to train their colleague to phishing.

👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

Reverse Shell Cheat Sheet TooL

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

EOS bp nodes security checklist（EOS超级节点安全执行指南）

Framework for building Windows malware, written in C++

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

locate and attack Lync/Skype for Business

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

Hunt for security weaknesses in Kubernetes clusters

(deprecated) Android application vulnerability analysis and Android pentest tool