2373 Open source projects that are alternatives of or similar to Scilla

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

swiss army knife for hackers

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Enumerate information from NTLM authentication enabled web endpoints 🔎

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Hacking Toolkit

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Evildork targeting your fiancee👁️

Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.

Automated script to run all modules for a specified list of domains, netblocks or company name

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Reconnaissance tool of Penetration test & Bug Bounty

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

A Tool for Domain Flyovers

Yet Another PHP Shell - The most complete PHP reverse shell

Command line tool that allows you to explore IoT devices by using Shodan API.

Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..

This repository created for personal use and added tools from my latest blog post.

An automated target reconnaissance pipeline.

Personal CTF Toolkit

Semi-automatic OSINT framework and package manager

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Tool Information Gathering Write By Python.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

OneForAll是一款功能强大的子域收集工具

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Web application vulnerability scanner

🤖 The Modern Port Scanner 🤖

A Python Tool For google Hacking

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Steganography brute-force utility to uncover hidden data inside files

Idiomatic nmap library for go developers

GitHub Recon — and what you can achieve with it!

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Track any ip address with IP-Tracer. IP-Tracer is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracer.

A collection of public offensive and defensive security related scripts for InfoSec students.

Track any ip address with IP-Tracker. IP-Tracker is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracker.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Awesome hacking is an awesome collection of hacking tools.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Penetration Testing notes, resources and scripts

NetCat for Windows

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

The New Hacking Framework

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

OSINT Tool: Generate username lists for companies on LinkedIn

Infection vector that bypasses AV, IDS, and IPS. (For now...)

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF