556 Open source projects that are alternatives of or similar to Privesccheck

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

🦄🔒 Awesome list of secrets in environment variables 🖥️

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Ruby on Rails Phishing Framework

Quickly analyze and reverse engineer Android packages

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Nmap and NSE command line wrapper in the style of Metasploit

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

Create file system symbolic links from low privileged user accounts within PowerShell

Terribad PrivEsc enumeration script for Windows systems

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

Automatic SQL injection and database takeover tool

It's a Docker Environment for pentesting which having all the required tool for VAPT.

A curated list of awesome OSCP resources

集漏洞验证和任务运行的一个框架

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Linux kernel development & exploitation lab.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

🌒 Shell command obfuscation to avoid detection systems

🚀 Takes minutes to explore the topology of all routable /24 prefixes in IPv4 address space. Now supports IPv6 scan!

Command line tool that allows you to explore IoT devices by using Shodan API.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Python 3.5+ DNS asynchronous brute force utility

Automate Pentest Tool

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Web Recon & Exploitation Tool.

Go library for credentials recovery

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

ARCHIVED: Use 'peh' instead

Windows 权限提升 BadPotato

Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

UAC Bypass for windows

My own OSCP guide

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

A tool for generating reverse shell payloads on the fly.

network reconnaissance toolkit

Brahma - Privilege elevation exploit for Nintendo 3DS

C2/post-exploitation framework

Quick SQL Scanner, Dorker, Webshell injector PHP

swiss army knife for hackers

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

generates weak passwords based on current date

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

Do some quick reconnaissance on a domain-based web-application

Repository of my CTF writeups

Wordpress Attack Suite

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Facebook Write-ups, PoC, and exploitation codes:

Open Redirect scanner - (out of date)

List of every possible vulnerabilities in computer security.

Hashtopolis - A Hashcat wrapper for distributed hashcracking