556 Open source projects that are alternatives of or similar to Privesccheck

Facebook Write-ups, PoC, and exploitation codes:

Next generation web scanner

Passwords Recovery Tool

Fast directory scanning and scraping tool

Python network tool, similar to Netcat with custom features.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Open Redirect scanner - (out of date)

List of every possible vulnerabilities in computer security.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

WhiteWinterWolf's PHP web shell

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

Hashtopolis - A Hashcat wrapper for distributed hashcracking

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Extract endpoints from APK files

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

Useful tools and scripts during Penetration Testing engagements

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Web Content Discovery Tool

An evil RAT (Remote Administration Tool) for macOS / OS X.

Subdomain enumeration through various techniques

Encoder to bypass WAF filters using XOR operations

Open source pre-operation C2 server based on python and powershell

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Centralize Vulnerability Assessment and Management for DevSecOps Team

Overlord - Red Teaming Infrastructure Automation

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

Summary of online learning materials

Selenium powered Python script to automate searching for vulnerable web apps.

A Cloudflare resolver that works

The Shadow Attack Framework

Red Teaming Tactics and Techniques

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

Dradis Framework: Colllaboration and reporting for IT Security teams

A collection of useful scripts for Cobalt Strike

This repo will contain some basic pentest/RT commands.

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Sifter aims to be a fully loaded Op Centre for Pentesters

Botnet targeting Windows machines written entirely in Python & open source security project.

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

Semi-automatic OSINT framework and package manager

Multi OTP Spam Amp/Paralell threads

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

A tool for fuzzing for ports that allow outgoing connections

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

This powershell script has got to run in remote hacked windows host, even for pivoting

Pentesting/Bugbounty Dockerfiles.

Abusing Impersonation Privileges on Windows 10 and Server 2019