2825 Open source projects that are alternatives of or similar to Pythem

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Powerfull XSS Scanning and Parameter analysis tool&gem

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Web path scanner

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Web Application Security Scanner Framework

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Git All the Payloads! A collection of web attack payloads.

DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)

Misc. Public Reports of Penetration Testing and Security Audits.

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Next generation web scanner

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Fast Modular Web Interfaces Bruteforcer

Collection of quality safety articles. Awesome articles.

Set of tools to audit SIP based VoIP Systems

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Hacking Toolkit

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Open source all-in-one CLI tool to semi-automate pentesting.

A list of resources for those interested in getting started in bug bounties

Notes about attacking Jenkins servers

JSshell - JavaScript reverse/remote shell

DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap

No description or website provided.

A list of useful payloads for Web Application Security and Pentest/CTF

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

cve-2019-0604 SharePoint RCE exploit

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

my oscp prep collection

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Automated NoSQL database enumeration and web application exploitation tool.

scan for NTLM directories

Free advanced and modern Windows botnet with a nice and secure PHP panel.

Sifter aims to be a fully loaded Op Centre for Pentesters

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Auto Scanning to SSL Vulnerability

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Automated Red Team Infrastructure deployement using Docker

hydra

Socks proxy, and reverse socks server using powershell.

Resources about network security, including: Proxy/GFW/ReverseProxy/Tunnel/VPN/Tor/I2P, and MiTM/PortKnocking/NetworkSniff/NetworkAnalysis/etc。More than 1700 open source tools for now. Post incoming.

Mass scan IPs for vulnerable services

OWASP WEB Directory Scanner

windows-kernel-exploits Windows平台提权漏洞集合

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

A Better(Maybe) iOS Audio Stream、Cache、Play Framework

OWASP Joomla Vulnerability Scanner Project

Ruby on Rails Phishing Framework

Generate unicode evil domains for IDN Homograph Attack and detect them.