2639 Open source projects that are alternatives of or similar to Privesc

TiDB is an open source distributed HTAP database compatible with the MySQL protocol

🎯 XML External Entity (XXE) Injection Payload List

An easy-to-use and promise-based multi SQL dialects ORM tool for Node.js

Generate type-safe code from SQL

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Universal command-line interface for SQL databases

平常看到好的渗透hacking工具和多领域效率工具的集合

🦸【C#/.NET/.NET Core学习、工作、面试指南】概述：C#/.NET/.NET Core基础知识，学习资料、文章、书籍，社区组织，工具和常见的面试题总结。以及面试时需要注意的事项和优秀简历编写技巧，希望能和大家一起成长进步👊。【让现在的自己不再迷漫✨】

swiss army knife for hackers

JSqlParser parses an SQL statement and translate it into a hierarchy of Java classes. The generated hierarchy can be navigated using the Visitor Pattern

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Free universal database tool and SQL client

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

🤖 The Modern Port Scanner 🤖

Quick SQLMap Tamper Suggester

Idiomatic nmap library for go developers

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

🍟 a notebook sql client. what you get when have a lot of sequels.

Ruby on Rails Phishing Framework

Database migration tool written in BASH.

Detecting Logic Bugs in DBMS

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Intelligence tool but without API key

DNS Rebinding Exploitation Framework

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Go (Golang) Clean Architecture based on Reading Uncle Bob's Clean Architecture

A flexible and powerful SQL string builder library plus a zero-config ORM.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Directus Admin Application — An Intuitive WebApp for Managing Database Content

Penetration Testing notes, resources and scripts

🔥 大厂 BAT 面试高频知识点，后端技术体系。包含了 C GO Python, 网络，Redis ，MySQL ，消息队列 ，高并发，微服务，缓存，操作系统，算法，LeetCode 刷题等知识

Quickly analyze and reverse engineer Android packages

Directus Database API — Wraps Custom SQL Databases with a REST/GraphQL API

Database migration tool for .NET and .NET Core projects. Inspired by Flyway.

OSINT Tool: Generate username lists for companies on LinkedIn

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

The database toolkit for go

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Making Favicon.ico based Recon Great again !

The most popular open-source eCommerce shopping cart solution based on ASP.NET Core

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Automated Red Team Infrastructure deployement using Docker

🐳 A most popular sql audit platform for mysql

Hacking Toolkit

CLI tool that can execute SQL queries on CSV, LTSV, JSON and TBLN. Can output to various formats.

Collection of best practices for Java persistence performance in Spring Boot applications

A collection of Ruby libraries for working with SQL on top of ActiveRecord's connection

SmartSql = MyBatis in C# + .NET Core+ Cache(Memory | Redis) + R/W Splitting + PropertyChangedTrack +Dynamic Repository + InvokeSync + Diagnostics

Advanced Web Shell

Powerfull XSS Scanning and Parameter analysis tool&gem

Constantly updated lists of world countries and their associated alpha-2, alpha-3 and numeric country codes as defined by the ISO 3166 standard, available in CSV, JSON , PHP and SQL formats, in multiple languages and with national flags included

Database migrations. CLI and Golang library.