496 Open source projects that are alternatives of or similar to Poet

C2/post-exploitation framework

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

linux post-exploitation framework made by linux user

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Bifrost C2. Open-source post-exploitation using Discord API

An evil RAT (Remote Administration Tool) for macOS / OS X.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Yet Another PHP Shell - The most complete PHP reverse shell

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

venom - shellcode generator/compiler/handler (metasploit)

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Free advanced and modern Windows botnet with a nice and secure PHP panel.

🇮🇳 🤖 It's easy to use android botnet work without port forwarding, vps and android studio

Sifter aims to be a fully loaded Op Centre for Pentesters

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

Username enumeration and password spraying tool aimed at Microsoft O365.

Linux C2 框架demo，为期2周的”黑客编程马拉松“，从学习编程语言开始到实现一个demo的产物

A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies

The ultimate WinRM shell for hacking/pentesting

Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

A Cross Platform multifunctional (Windows/Linux/Mac) RAT.

Open source all-in-one CLI tool to semi-automate pentesting.

A tool to test security of json web token

XSS'OR - Hack with JavaScript.

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

A wrapper for Nmap to quickly run network scans

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Intelligence and Reconnaissance Package/Bundle installer.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.

Hooks in to interesting functions and helps reverse the web app faster.

Remote Administration Toolkit (or Trojan) for POSiX (Linux/Unix) system working as a Web Service

A Cloudflare resolver that works

Basic Multiplatform Remote Administration Tool - Xamarin

Python Remote Administration Tool (RAT)

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

A Phishing Dropper designed to Pentest.

Tool for catching and logging different types of requests.

Relational database brute force and post exploitation tool for MySQL and MSSQL

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

nray distributed port scanner

C2Hack, sharing tips and tricks for pentesters

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

A Tools Session Hijacking And Stealer Local Passcode Telegram Windows

A list of payload and bypass lists for penetration testing and red team infrastructure build.

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

SSRF (Server Side Request Forgery) testing resources

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

scan for NTLM directories

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

🔐 Docker Container for Penetration Testing & Security