728 Open source projects that are alternatives of or similar to Roadmap

Get GTFOBins info about a given exploit from the command line

A collection of resources I'm using while working toward the OSCP

Pentest: Subdomains enumeration tool for penetration testers.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

Find cloud assets that no one wants exposed 🔎 ☁️

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Collection of several DDos tools.

Totally Insecure Web Application Project (TIWAP)

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

🔐 Docker Container for Penetration Testing & Security

Script to spider a website and find publicly open S3 buckets

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Notes from OSCP, CTF, security adventures, etc...

Multi source CVE/exploit parser.

Everything needed for doing CTFs

A curated list of awesome infosec courses and training resources.

Dradis Framework: Colllaboration and reporting for IT Security teams

An advanced tool for email reconnaissance

Gorsair hacks its way into remote docker containers that expose their APIs

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

🆕 The Multi-Tool Web Vulnerability Scanner.

A place where I can create, collect and share tooling, resources and knowledge about information security.

Don't let buffer overflows overflow your mind

备考 OSCP 的各种干货资料/渗透测试干货资料

Wireshark Cheat Sheet

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Cameradar hacks its way into RTSP videosurveillance cameras

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Opening the door, one reverse shell at a time

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

A default credential scanner.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

my oscp prep collection

🙃 Reverse Shell Cheat Sheet 🙃

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Pentest Report Generator

Idiomatic nmap library for go developers

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

A Tool for Domain Flyovers

Web path scanner

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Common password pattern generator using strings list

Offensive Reverse Shell (Cheat Sheet)

Penetration Testing notes, resources and scripts

A curated list of awesome OSCP resources

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.