1152 Open source projects that are alternatives of or similar to Rspet

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Advanced Web Shell

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

OSINT Tool: Generate username lists for companies on LinkedIn

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

An automated e-mail OSINT tool

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Web path scanner

The ultimate WinRM shell for hacking/pentesting

Know the dangers of credential reuse attacks.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Semi-automatic OSINT framework and package manager

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

WebShell Backdoor Framework

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Fast Modular Web Interfaces Bruteforcer

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Pwning the Nuro issued Huawei HG8045Q

my oscp prep collection

Linux enumeration tool for pentesting and CTFs with verbosity levels

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

📡 A python program to create a fake AP and sniff data.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

A simple dns resolver of dns-record and web-record log server for pentesting

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Study Notes For Web Hacking / Web安全学习笔记

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Automated NoSQL database enumeration and web application exploitation tool.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

A simple tool for interacting with OWASP ZAP from the commandline.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

备考 OSCP 的各种干货资料/渗透测试干货资料

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

A high performance offensive security tool for reconnaissance and vulnerability scanning

RubberDucky like payloads for DigiSpark Attiny85

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

A tool to fastly get all javascript sources/files

Relational database brute force and post exploitation tool for MySQL and MSSQL

[POC] Asynchronous reverse shell using the HTTP protocol.

A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Find leaked secrets via github search

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻