496 Open source projects that are alternatives of or similar to Poet

XSS'OR - Hack with JavaScript.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

A wrapper for Nmap to quickly run network scans

Automatic SSRF fuzzer and exploitation tool

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Fast Modular Web Interfaces Bruteforcer

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

A fast, simple, recursive content discovery tool written in Rust.

Intelligence and Reconnaissance Package/Bundle installer.

Additional android app for SpaceHunn's ESP8266 DeAuther.

Penetration tests guide based on OWASP including test cases, resources and examples.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Awesome Node.js Security resources

Hooks in to interesting functions and helps reverse the web app faster.

Windows, OS X and linux RAT client

Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.

React Native (iOS and Android) library for Kontakt.io beacons (and all other beacons)

Basic Multiplatform Remote Administration Tool - Xamarin

Python Remote Administration Tool (RAT)

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File

A Phishing Dropper designed to Pentest.

Telegram Desktop Session Stealer

C2Hack, sharing tips and tricks for pentesters

Windows Rootkit written in Python

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Script collection to bypass Network Access Control (NAC, 802.1x)

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Compose shell commands to build interactive terminal applications

This is a c# client for the c# R.A.T server

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

scan for NTLM directories

Find exploits in local and online databases instantly

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

🔐 Docker Container for Penetration Testing & Security

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

备考 OSCP 的各种干货资料/渗透测试干货资料

Chrome Keylogger Extension | Post Exploitation Tool

Set of tools to audit SIP based VoIP Systems

A Flutter plugin for turning your device into a beacon.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

A Remote Access Tool using Google Apps Script as the proxy for command and control.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

A simple python reverse shell written just for fun.

NSA Hacking Tool Recreation UnitedRake

outis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).

Telegram RAT written in Python

🔥 Control your Linux home computer with telegram bot.