1114 Open source projects that are alternatives of or similar to Red Teaming Toolkit

A collection of various awesome lists for hackers, pentesters and security researchers

Collection of pentesting scripts

Pwning the Nuro issued Huawei HG8045Q

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

hacker, ready for more of our story ! 🚀

🌰 An onion url inspector for inspecting deep web links.

Mirror of my favourite hacking Zines for the lulz, nostalgy, and reference

Top 100 Hacking & Security E-Books (Free Download)

CTF竞赛权威指南

Nuclei templates for K8S security scanning

All in 1 Pakisthani Facebook Cloner [ 7/8/9/10/11 DIGIT ]

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

A time lapse app for Sony Alpha camera using the OpenMemories framework

Directory/File, DNS and VHost busting tool written in Go

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

ParadoxiaRat : Native Windows Remote access Tool.

My own fork of (Beta) Yalu Jailbreak for iOS 10.0 to 10.2 by @kpwn and @marcograss with custom UI and other features.

List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Network Analysis Tool

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

A concise, directive, specific, flexible, and free incident response plan template

ATT&CK实操

Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

A list of web application security

Find leaked secrets via github search

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Chromepass - Hacking Chrome Saved Passwords

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.

Contenus et ressources de la chaîne FormationVidéo (YouTube)

sub domain wild card filtering tool

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Threat Hunting queries for various attacks

BruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack

☎️ Original open source call flooder using Twilio's API.

New Interface And Loading Screen For Termux Users

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

A collection of resources I'm using while working toward the OSCP

A tool to automate penetration tests

A social experiment

SEC分布式资产扫描系统

Kali Linux Cheat Sheet for Penetration Testers

Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other Linux based systems. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based distributions.

Python3 tool to perform password spraying using RDP

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Official Black Hat Arsenal Security Tools Repository

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau

PandwaRF: RF analysis tool with a sub-1 GHz wireless transceiver controlled by a smartphone or

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

CTF Cheatsheet

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

CMS Detection and Exploit Kit based on Whatcms.org API

Quine Museum

Text, samples and website for my 'Effective Shell' series.

Credential stuffing engine built for security professionals