1015 Open source projects that are alternatives of or similar to Pwncat

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

Port scanning and domain utility.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

This repo will contain some basic pentest/RT commands.

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

A python tool to check subdomain takeover vulnerability

Web Content Discovery Tool

Infection Monkey - An automated pentest tool

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Capstone: Keylogger Trojan

Modern tactical exploitation toolkit.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Linux Rootkits (4.x Kernel)

Search for Unix binaries that can be exploited to bypass system security restrictions.

A fully automatic wifi deauther coded in Python

PowerShell SOCKS proxy with reverse proxy capabilities

Self contained htaccess shells and attacks

Powerfull XSS Scanning and Parameter analysis tool&gem

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

Security tool to quickly audit Public Box files and folders.

Tool for port forwarding & intranet proxy

Just another script for automatize boolean-based blind SQL injections. (Demo)

RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Extract endpoints from APK files

A Docker container for remote penetration testing.

parse nmap files

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Reverse proxies cheatsheet

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

Quick utility to craft executables for pentesting and managing reverse shells

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

🦄🔒 Awesome list of secrets in environment variables 🖥️

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

Most usable tools for iOS penetration testing

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

A web application for generating custom XSS payloads

OSINT Swiss Army Knife

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

jSQL Injection is a Java application for automatic SQL database injection.

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Directory Services Internals (DSInternals) PowerShell Module and Framework

A collection of various GitHub gists for hackers, pentesters and security researchers

A fully featured Windows backdoor that uses Gmail as a C&C server

Web App Pen Tester (Web Interface)

linux-kernel-exploits Linux平台提权漏洞集合

Do some quick reconnaissance on a domain-based web-application

Repository of my CTF writeups

Oracle Database Penetration Testing Reference (10g/11g)

Facebook Write-ups, PoC, and exploitation codes:

Open Redirect scanner - (out of date)

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

The SpecterOps project management and reporting engine

A shot-for-shot remake of the Google Login Page.

Hashtopolis - A Hashcat wrapper for distributed hashcracking

SS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

用于记录内网渗透(域渗透)学习 :-)