563 Open source projects that are alternatives of or similar to Rdpassspray

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

an easy pentesting tool.

Open Redirect Payloads

Port scanning and domain utility.

Web Pentesting Fuzz 字典,一个就够了。

This repo will contain some basic pentest/RT commands.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Easy files and payloads delivery over DNS

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

A python tool to check subdomain takeover vulnerability

This repository contains full code examples from the book Gray Hat C#

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

swiss army knife for hackers

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Tool Information Gathering Write By Python.

HTML5 based remote desktop gateway using Apache Guacamole and Traefik Reverse Proxy including AD authentication and 2-FA

Linux Rootkits (4.x Kernel)

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

A fully automatic wifi deauther coded in Python

Network Pivoting Toolkit

Search for Directory Traversal Vulnerabilities

PowerShell SOCKS proxy with reverse proxy capabilities

A pentesting tool inspired by mr robot and derived by zphisher

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

Just another script for automatize boolean-based blind SQL injections. (Demo)

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

👻 A LAN dropbox chatbot controllable via Telegram

THE ESP8266 HONEYPOT

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

Quick utility to craft executables for pentesting and managing reverse shells

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

🦄🔒 Awesome list of secrets in environment variables 🖥️

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

A bash script for recon and DOS attacks

💻 This VSTO Add-In allows the user to ping a list of servers and creates a file for Microsoft Remote Desktop Manager an Excel table. This is used for quickly determining which servers are offline in a list. It is written in 3 different versions as a VSTO Add-In in C# and VB.NET as well as a VBA Add-In.

Ubuntu, Alpine, Arch, and Fedora based Webtop images, Linux in a web browser supporting popular desktop environments.

Kali and Parrot OS docker images accessible via VNC, RDP and Web

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

OneForAll是一款功能强大的子域收集工具

tcp connection hijacker, rust rewrite of shijack

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Command line tool that allows you to explore IoT devices by using Shodan API.

Next generation web scanner

Web Recon & Exploitation Tool.

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

OSINT

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Do some quick reconnaissance on a domain-based web-application

Repository of my CTF writeups

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Facebook Write-ups, PoC, and exploitation codes:

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

network reconnaissance toolkit

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

Open Redirect scanner - (out of date)