494 Open source projects that are alternatives of or similar to Rogue

Awesome Nmap Grep

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Vagrant VirtualBox environment for conducting an internal network penetration test

Hashcat web interface

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

WhiteWinterWolf's PHP web shell

web-based OSINT and reconaissance toolkit

Windows one line commands that make life easier, shortcuts and command line fu.

Intelligence and Reconnaissance Package/Bundle installer.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Control 433Mhz Rf power outlets from a Raspberry Pi

[POC] Asynchronous reverse shell using the HTTP protocol.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Like nmap for mapping wifi networks you're not connected to, plus device tracking

Python network worm that spreads on the local network and gives the attacker control of these machines.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

An evil RAT (Remote Administration Tool) for macOS / OS X.

Rockyou for web fuzzing

Encoder to bypass WAF filters using XOR operations

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

🚀 Fast Port Scanner 🚀

A backdoor with a multitude of features.

Network protocol auditing framework

NetJSON is a data interchange format for encoding the basic building blocks of networks.

A wrapper for Nmap to quickly run network scans

AWS Identity and Access Management Visualizer and Anomaly Finder

Centralize Vulnerability Assessment and Management for DevSecOps Team

A high performance offensive security tool for reconnaissance and vulnerability scanning

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Study Notes For Web Hacking / Web安全学习笔记

RubberDucky like payloads for DigiSpark Attiny85

A tool to test security of json web token

Generates malicious LNK file payloads for data exfiltration

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

The cheat sheet about Java Deserialization vulnerabilities

A simple dns resolver of dns-record and web-record log server for pentesting

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Relational database brute force and post exploitation tool for MySQL and MSSQL

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Configuration manager for embedded devices, implemented as a reusable django-app

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

备考 OSCP 的各种干货资料/渗透测试干货资料

The pocket-sized wireless sniffer

A tool to fastly get all javascript sources/files

A tool to hunt for publicly accessible DigitalOcean Spaces

Passwords Recovery Tool

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

retrieve information via O365 with a valid cred

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Python network tool, similar to Netcat with custom features.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

A script written lazily for generating cross-platform backdoors on the go :)

Linux and Windows shellcode enrichment utility

A Virtual environment for Pentesting IoT Devices

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder