563 Open source projects that are alternatives of or similar to Rdpassspray

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Fast Modular Web Interfaces Bruteforcer

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

Script to automate PUT HTTP method exploitation to get shell

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

mosquito - Automating reconnaissance and brute force attacks

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

generates weak passwords based on current date

Python network tool, similar to Netcat with custom features.

ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

A Python3 based single-file subdomain enumerator

整理一些内网常用渗透小工具

Quick utility to craft executables for pentesting and managing reverse shells

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF

🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:

BlackRAT - Java Based Remote Administrator Tool

Keyfinder🔑 is a tool that let you find keys while surfing the web!

Exploit pack for pentesters and ethical hackers.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

The Collective. A repo for a collection of red-team projects found mostly on Github.

Network Vulnerability Scanner

🔪 Leak git repositories from misconfigured websites

🦄🔒 Awesome list of secrets in environment variables 🖥️

A set of recipes useful in pentesting and red teaming scenarios

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

The best Hacking and PenTesting tools installer on the world

Ubuntu, Alpine, Arch, and Fedora based Webtop images, Linux in a web browser supporting popular desktop environments.

Subdomain Takeover tool written in Go

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Our OSCP repo: from popping shells to mental health.

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Web hacking framework with tools, exploits by python

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

PHP function tracker

The iOS Security Testing Framework

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Command line tool that allows you to explore IoT devices by using Shodan API.

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

A fast DOM based XSS vulnerability scanner with simplicity.

Overlord - Red Teaming Infrastructure Automation

Nmap and NSE command line wrapper in the style of Metasploit

Tool to automate common OSINT tasks

Micro-framework for rapid development of reusable security tools

Next generation web scanner

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Hashcat web interface

WhiteWinterWolf's PHP web shell

locate and attack Lync/Skype for Business

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

For all your network pentesting needs