1015 Open source projects that are alternatives of or similar to Pwncat

Summary of online learning materials

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

Botnet targeting Windows machines written entirely in Python & open source security project.

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Hack the World using Termux

My notes on PentesterLab's Bootcamp series 🕵️

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

WireBug is a toolset for Voice-over-IP penetration testing

This script will you help to find the information about the website and to help in penetrating testing

Automated Red Team Infrastructure deployement using Docker

红蓝对抗跨平台远控工具

A sort of simple shell which support multiple protocols.

Password-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

link is a command and control framework written in rust

The Shadow Attack Framework

Advanced Web Shell

An advanced tool for email reconnaissance

An advanced reverse shell written in Python3.

network visualization & vulnerability management/reporting

Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.

A tool for fuzzing for ports that allow outgoing connections

Misc. Public Reports of Penetration Testing and Security Audits.

cms识别

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Ladon Moudle MS17010 Exploit for PowerShell

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

🆕 The Multi-Tool Web Vulnerability Scanner.

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

Automatic SQL injection and database takeover tool

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

📂 Source Code for (some of) the Programming Tutorials from my Italian YouTube Channel and website ProgrammareInPython.it. This is just a small portion of the content: please visit the website for more.

Burpsuite-Plugins-Usage

JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

It's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

Open-Source Ransomware As A Service for Linux, MacOS and Windows

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

Pentesting/Bugbounty Dockerfiles.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

🤖 The Modern Port Scanner 🤖

./kumasia php simple backdoor

Python 3.5+ DNS asynchronous brute force utility

My notebook for OSCP Lab

rconn is a multiplatform program for creating generic reverse connections. Lets you consume services that are behind firewall or NAT without opening ports or port-forwarding.

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

This program focuses on automating the download, installation and compilation of pentest tools from source

Modular personalized dictionary generator.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

渗透测试☞经验/思路/总结/想法/笔记