556 Open source projects that are alternatives of or similar to Privesccheck

Fully automated offensive security framework for reconnaissance and vulnerability scanning

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

Useful tools and scripts during Penetration Testing engagements

Web Content Discovery Tool

Subdomain enumeration through various techniques

Open source pre-operation C2 server based on python and powershell

locate and attack Lync/Skype for Business

Handbook of information collection for penetration testing and src

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

Overlord - Red Teaming Infrastructure Automation

Selenium powered Python script to automate searching for vulnerable web apps.

The Shadow Attack Framework

Dradis Framework: Colllaboration and reporting for IT Security teams

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

Port scanning and domain utility.

A repo with information about security of Ethereum Smart Contracts

This repo will contain some basic pentest/RT commands.

Fast web fuzzer written in Go

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Credential stuffing engine built for security professionals

A python tool to check subdomain takeover vulnerability

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Gorsair hacks its way into remote docker containers that expose their APIs

fireELF - Fileless Linux Malware Framework

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Automatically Launch Google Hacking Queries Against A Target Domain

Linux Rootkits (4.x Kernel)

Search for Unix binaries that can be exploited to bypass system security restrictions.

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

HostHunter a recon tool for discovering hostnames using OSINT techniques.

This tool will quickly search for exploitable binaries with SUID bit set in Linux and will output the method of exploitation from GTFObins

A fully automatic wifi deauther coded in Python

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

PowerShell SOCKS proxy with reverse proxy capabilities

Intelligence tool but without API key

A pentesting tool inspired by mr robot and derived by zphisher

Just another script for automatize boolean-based blind SQL injections. (Demo)

A framework for Backdoor development!

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

Dump exposed HTTP .git fast

A Hashcat wrapper for distributed hashcracking

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

DNS Rebinding Exploitation Framework

Quick utility to craft executables for pentesting and managing reverse shells

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

🦄🔒 Awesome list of secrets in environment variables 🖥️

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Ruby on Rails Phishing Framework

Quickly analyze and reverse engineer Android packages

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.