1015 Open source projects that are alternatives of or similar to Pwncat

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Hacker101 CTF Writeup

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Study Notes For Web Hacking / Web安全学习笔记

Hershell is a simple TCP reverse shell written in Go.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

The ultimate WinRM shell for hacking/pentesting

A simple tool for interacting with OWASP ZAP from the commandline.

Selenium powered Python script to automate searching for vulnerable web apps.

A REST API security testing framework.

🙃 Reverse Shell Cheat Sheet 🙃

Wordpress Attack Suite

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Passwords Recovery Tool

A high performance offensive security tool for reconnaissance and vulnerability scanning

A framework for Backdoor development!

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Phishing Tool & Information Collector

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

A curated list of awesome privilege escalation

Code from Blackhat Python book

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Generates malicious LNK file payloads for data exfiltration

A fast DOM based XSS vulnerability scanner with simplicity.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

an easy pentesting tool.

A Cloudflare resolver that works

🔨 A modern multiple reverse shell sessions manager wrote in go

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Fast directory scanning and scraping tool

Steganography brute-force utility to uncover hidden data inside files

Pentest: Subdomains enumeration tool for penetration testers.

Automated Pentest Tools Designed For Parrot Linux

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Tool Information Gathering Write By Python.

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Idiomatic nmap library for go developers

Go library for credentials recovery

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Bifrost C2. Open-source post-exploitation using Discord API

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Reverse shell manager using tmux and ncat

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

C2/post-exploitation framework

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

NetCat for Windows

Useful tools and scripts during Penetration Testing engagements

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

MSDAT: Microsoft SQL Database Attacking Tool

👻Impost3r -- A linux password thief