556 Open source projects that are alternatives of or similar to Privesccheck

Tool Information Gathering Write By Python.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Automatic SQL injection and database takeover tool

A curated list of awesome OSCP resources

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Search for Directory Traversal Vulnerabilities

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

THE ESP8266 HONEYPOT

Automate Pentest Tool

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

All MITM attacks in one place.

Find exploit tool

Windows 权限提升 BadPotato

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

network reconnaissance toolkit

C2/post-exploitation framework

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Fast directory scanning and scraping tool

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Directory/File, DNS and VHost busting tool written in Go

Tactics, Techniques, and Procedures

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Single-file PHP shell

Simple multi threaded tool to extract domain related data from commoncrawl.org

Collection of things made during my OSCP journey

NetCat for Windows

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

DNS Sub-domain brute forcer, in Python + gevent

OneForAll是一款功能强大的子域收集工具

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

A swiss army knife for pentesting networks

Useful tools and scripts during Penetration Testing engagements

Web Content Discovery Tool

Penetration Testing notes, resources and scripts

WeirdAAL (AWS Attack Library)

Reverse proxies cheatsheet

Open source pre-operation C2 server based on python and powershell

Hetty is an HTTP toolkit for security research.

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Web Pentesting Fuzz 字典,一个就够了。

Notes for taking the OSCP in 2097. Read in book form on GitBook

This repository contains full code examples from the book Gray Hat C#

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

红队综合渗透框架

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

The Shadow Attack Framework

Handbook of information collection for penetration testing and src

A repo with information about security of Ethereum Smart Contracts

Dradis Framework: Colllaboration and reporting for IT Security teams

Fast web fuzzer written in Go

Credential stuffing engine built for security professionals