782 Open source projects that are alternatives of or similar to Pspy

Get GTFOBins info about a given exploit from the command line

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Venom - A Multi-hop Proxy for Penetration Testers

Intelligence and Reconnaissance Package/Bundle installer.

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Python 3.5+ DNS asynchronous brute force utility

Micro-framework for rapid development of reusable security tools

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

A high performance offensive security tool for reconnaissance and vulnerability scanning

an asynchronous target enumeration tool

A tool to enumerate network services

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

A curated list of awesome privilege escalation

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Web path scanner

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Simple Server Side Request Forgery services enumeration tool.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Linux enumeration tool for pentesting and CTFs with verbosity levels

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

无状态子域名爆破工具

Relational database brute force and post exploitation tool for MySQL and MSSQL

备考 OSCP 的各种干货资料/渗透测试干货资料

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.

A tool to test security of json web token

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Steganography brute-force utility to uncover hidden data inside files

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

🔨 A modern multiple reverse shell sessions manager wrote in go

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Notes for taking the OSCP in 2097. Read in book form on GitBook

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

File upload vulnerability scanner and exploitation tool.

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

Source code, writeups and exps in LCTF2017.

A database of collected CTFs and their solutions.

Python script wrote to automate the process of generating various reverse shells.

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Web hacking framework with tools, exploits by python

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.