1015 Open source projects that are alternatives of or similar to Pwncat

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

A REST API security testing framework.

Web Recon & Exploitation Tool.

A Tool for Domain Flyovers

A pentesting tool inspired by mr robot and derived by zphisher

A Cloudflare resolver that works

Statically-linked ssh server with reverse shell functionality for CTFs and such

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Command line tool that allows you to explore IoT devices by using Shodan API.

A curated list of awesome privilege escalation

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

A script that automates generation of OpenSSL reverse shells

A webshell framework for penetration testers.

Exploits and Security Tools Framework 2.0.1

Pentest environment deployer (kali linux + targets) using vagrant and chef.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

An automated approach to performing recon for bug bounty hunting and penetration testing.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Handbook of information collection for penetration testing and src

Goca Scanner

A Powerful Subdomain Takeover Tool

A cross-platform python based utility for information gathering and penetration testing automation!

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Fast web fuzzer written in Go

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Credential stuffing engine built for security professionals

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

Find exploit tool

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Generate Gmail Emailing Keyloggers to Windows.

fireELF - Fileless Linux Malware Framework

Free Security and Hacking eBooks

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

Free advanced and modern Windows botnet with a nice and secure PHP panel.

DotDotPwn - The Directory Traversal Fuzzer

Web Application Security Scanner Framework

Top 100 Hacking & Security E-Books (Free Download)

SIP-Based Audit and Attack Tool

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.

A Modular Penetration Testing Framework

The Web Application Hacker's Handbook - Extra Content

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

windows-kernel-exploits Windows平台提权漏洞集合

Intelligence tool but without API key

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

locate and attack Lync/Skype for Business

Pentest/BugBounty progress control with scanning modules

A Hashcat wrapper for distributed hashcracking

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

🐶 A curated list of Web Security materials and resources.

OWASP WEB Directory Scanner

DNS Rebinding Exploitation Framework

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.