1012 Open source projects that are alternatives of or similar to Portia

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Web Application Security Scanner Framework

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Awesome hacking is an awesome collection of hacking tools.

A Golang implant that uses Slack as a command and control server

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Collection of the cheat sheets useful for pentesting

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Awesome Vulnerable Applications

ANDRAX The first and unique Penetration Testing platform for Android smartphones

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Fast Modular Web Interfaces Bruteforcer

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Rubyfu, where Ruby goes evil!

Cameradar hacks its way into RTSP videosurveillance cameras

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Multi source CVE/exploit parser.

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

Common Web Managers Fuzz Wordlists

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Multi OTP Spam Amp/Paralell threads

Kali Live Build Scripts

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Yet Another PHP Shell - The most complete PHP reverse shell

cve-2019-0604 SharePoint RCE exploit

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Burp Bounty profiles compilation, feel free to contribute!

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Free Security and Hacking eBooks

A tool to automate penetration tests

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Free advanced and modern Windows botnet with a nice and secure PHP panel.

A collection of personal scripts used in hacking excercises.

OSINT Tool: Generate username lists for companies on LinkedIn

A curated list of awesome OSCP resources

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

A collection of hacking / penetration testing resources to make you better!

My own fork of (Beta) Yalu Jailbreak for iOS 10.0 to 10.2 by @kpwn and @marcograss with custom UI and other features.

nray distributed port scanner

Webshell Manager

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

A repository of tools for pentesting of restricted and isolated environments.

Penetration test Achieve Knowledge Unite Rapid Interface

Knowledge Base 慢雾安全团队知识库

A collection of Ansible roles for automating infosec builds.

Pentesting suite for Maltego based on data in a Metasploit database

List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.

Hack Facebook

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Docker images for infosec tools