707 Open source projects that are alternatives of or similar to Red Team Infrastructure Wiki

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

online port scan scraper

retrieve information via O365 with a valid cred

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

🕵️‍♂️ Sanity checking containers, vms, and servers

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Monitoring GitLab for sensitive data shared publicly

CVE-2016-8610 (SSL Death Alert) PoC

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

Simple multi threaded tool to extract domain related data from commoncrawl.org

Backstage is an open platform for building developer portals

a lightweight, security focused, BDD test framework against terraform.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

The Last Web Recon Tool You'll Need

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Awesome Nmap Grep

A tool to fastly get all javascript sources/files

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

An extensible application for penetration testers and software developers to decode/encode data into various formats.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Distributed self-replicating programs in Python

Semi-automatic OSINT framework and package manager

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Go library to create resilient feedback loop/control controllers.

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡

Accelerated deep learning R&D

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

A high performance offensive security tool for reconnaissance and vulnerability scanning

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Open Source Workflow Engine for Cloud Native Infrastructure

A project structure that outlines some best practises of how to use ansible

An open, distributed platform as a service

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Vividus is all in one test automation tool

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Testing framework for infrastructure software

Reverse proxies cheatsheet

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

RubberDucky like payloads for DigiSpark Attiny85

Web path scanner

Human and machine readable web vulnerability testing format

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

☄️ Temporal is an easy-to-use, enterprise-grade interface into distributed and decentralized storage

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Terraform Module for AWS Landing Zone

The best Hacking and PenTesting tools installer on the world

A native Scala client for interacting with Consul

Vagrant VirtualBox environment for conducting an internal network penetration test

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

Subdomain Takeover tool written in Go