688 Open source projects that are alternatives of or similar to Pxenum

A collection of personal scripts used in hacking excercises.

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Enumerate information from NTLM authentication enabled web endpoints 🔎

Relational database brute force and post exploitation tool for MySQL and MSSQL

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Network Pivoting Toolkit

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Perform automated network reconnaissance scans

Automated NoSQL database enumeration and web application exploitation tool.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

Everything needed for doing CTFs

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Web path scanner

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

🐳 Full-fledged Android SDK Docker Image

An HTTP/HTTPS intercept proxy written in Go.

Using open Adb ports we can exploit a Andriod Device

Email recon made fast and easy, with a framework to build on

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

🆕 The Multi-Tool Web Vulnerability Scanner.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Python黑客编程之极速入门

Mengobati rasa ingin tahu atau kadang hanya iseng

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Notes about attacking Jenkins servers

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A curated list of awesome Hacking tutorials, tools and resources

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

A list of resources for those interested in getting started in bug bounties

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

TextFiles.com mirror

记录自己编写、修改的部分工具

Tools, tips, tricks, and more for exploring ICS Security.

Speedhack coded in C++, inspired by Cheat Engine's own speedhack.

CatchME - WiFi Fun Box "Having Fun with ESP8266"

(Not actively maintained, use DRV3-Sharp) Tools for extracting and re-injecting files for Danganronpa V3 for PC.

venom - shellcode generator/compiler/handler (metasploit)

An open-source post-exploitation framework for students, researchers and developers.