1266 Open source projects that are alternatives of or similar to Powerladon

A curated list of awesome privilege escalation

The Web Application Hacker's Handbook - Extra Content

Blueborne CVE-2017-0785 Android information leak vulnerability

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Asynchronous Python implementation of SlowLoris DoS attack

Burp Bounty profiles compilation, feel free to contribute!

Miscellaneous exploit code

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Hacking tools

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

Penetration Testing notes, resources and scripts

Apache Solr Injection Research

my oscp prep collection

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

200 TOOLS BY 0XID4FF0X FOR TERMUX

A collection of hacking / penetration testing resources to make you better!

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Offensive tools as Dockerfiles. Lightweight & Ready to go

A list of payload and bypass lists for penetration testing and red team infrastructure build.

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

The all-in-one Red Team extension for Web Pentester 🛠

A high performance offensive security tool for reconnaissance and vulnerability scanning

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Proofs-of-concept

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

CTF竞赛权威指南

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

Fast directory scanning and scraping tool

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Pentest: Subdomains enumeration tool for penetration testers.

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Focus on cybersecurity | collection of PoC and Exploits

Tool to communicate with RPC services and check misconfigurations on NFS shares

Git All the Payloads! A collection of web attack payloads.

🌒 Shell command obfuscation to avoid detection systems

hydra

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Framework for rapid development and reusable of security tools

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

红队综合渗透框架

hack tools

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Overlord - Red Teaming Infrastructure Automation

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Automatically Launch Google Hacking Queries Against A Target Domain

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

jSQL Injection is a Java application for automatic SQL database injection.

MSDAT: Microsoft SQL Database Attacking Tool