556 Open source projects that are alternatives of or similar to Privesccheck

Collection of pentesting scripts

Command line tool that allows you to explore IoT devices by using Shodan API.

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Web Recon & Exploitation Tool.

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

PHP function tracker

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具

👻 A LAN dropbox chatbot controllable via Telegram

DNS Sub-domain brute forcer, in Python + gevent

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

OneForAll是一款功能强大的子域收集工具

AWS Identity and Access Management Visualizer and Anomaly Finder

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

Do some quick reconnaissance on a domain-based web-application

A simple wrapper for C# tools

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Enumerate and decrypt TeamViewer credentials from Windows registry

A swiss army knife for pentesting networks

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Repository of my CTF writeups

Hawkeye filesystem analysis tool

A fast DOM based XSS vulnerability scanner with simplicity.

WeirdAAL (AWS Attack Library)

Wordpress Attack Suite

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Facebook Write-ups, PoC, and exploitation codes:

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Hetty is an HTTP toolkit for security research.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

A tool to fastly get all javascript sources/files

Web Pentesting Fuzz 字典,一个就够了。

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Notes for taking the OSCP in 2097. Read in book form on GitBook

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

This repository contains full code examples from the book Gray Hat C#

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Intelligence and Reconnaissance Package/Bundle installer.

红队综合渗透框架

[POC] Asynchronous reverse shell using the HTTP protocol.

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Open Redirect scanner - (out of date)

List of every possible vulnerabilities in computer security.

Hashtopolis - A Hashcat wrapper for distributed hashcracking

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Extract endpoints from APK files

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox