494 Open source projects that are alternatives of or similar to Rogue

Useful tools and scripts during Penetration Testing engagements

Script to automate PUT HTTP method exploitation to get shell

Open source pre-operation C2 server based on python and powershell

Intelligence and Reconnaissance Package/Bundle installer.

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

mosquito - Automating reconnaissance and brute force attacks

Dradis Framework: Colllaboration and reporting for IT Security teams

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Credential stuffing engine built for security professionals

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Automatically Launch Google Hacking Queries Against A Target Domain

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Intelligence tool but without API key

Main GNU Radio recipe repository for use with PyBOMBS

DNS Rebinding Exploitation Framework

Control 433Mhz Rf power outlets from a Raspberry Pi

Quickly analyze and reverse engineer Android packages

OpenThread RTOS, an integration of OpenThread, LwIP, and FreeRTOS.

A curated list of awesome privilege escalation

[POC] Asynchronous reverse shell using the HTTP protocol.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

A Python3 based single-file subdomain enumerator

Ansible role that installs and upgrades OpenWISP.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

Idiomatic nmap library for go developers

Like nmap for mapping wifi networks you're not connected to, plus device tracking

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

Automatic SQL injection and database takeover tool

Python network worm that spreads on the local network and gives the attacker control of these machines.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Graph visualization of wireless client and access point relationships

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Network configuration management library based on NetJSON DeviceConfiguration

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Python 3.5+ DNS asynchronous brute force utility

An evil RAT (Remote Administration Tool) for macOS / OS X.

Open Redirect Payloads

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

My own OSCP guide

Rockyou for web fuzzing

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Armbian firmware

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Encoder to bypass WAF filters using XOR operations

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

🔪 Leak git repositories from misconfigured websites

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

A set of recipes useful in pentesting and red teaming scenarios

Linux and Windows shellcode enrichment utility

A Virtual environment for Pentesting IoT Devices

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Phishing Tool & Information Collector

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public