639 Open source projects that are alternatives of or similar to Scout

A curated list of awesome OSCP resources

Powerful Visual Subdomain Enumeration at the Click of a Mouse

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

The cheat sheet about Java Deserialization vulnerabilities

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Set of tools to audit SIP based VoIP Systems

被动式漏洞扫描系统

uri type for PostgreSQL

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Relational database brute force and post exploitation tool for MySQL and MSSQL

Reverse proxies cheatsheet

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Attempts to improve how clickable links are detected, highlighted and handled in TextView

Multi protocol support for handling remote files like local ones in Visual Studio Code.

Human and machine readable web vulnerability testing format

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

备考 OSCP 的各种干货资料/渗透测试干货资料

Ruby on Rails Phishing Framework

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

URLEmbeddedView automatically caches the object that is confirmed the Open Graph Protocol.

A macOS app for customizing which browser to start

Create and validate signed URLs with a limited lifetime

Passwords Recovery Tool

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Linux enumeration tool for pentesting and CTFs with verbosity levels

A web front-end for password cracking and analytics

An automated e-mail OSINT tool

Ethereum smart contract fuzzer

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

🔨 A modern multiple reverse shell sessions manager wrote in go

A script written lazily for generating cross-platform backdoors on the go :)

Advanced Web Shell

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Cameradar hacks its way into RTSP videosurveillance cameras

coverage guided fuzz testing for javascript

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

Python network tool, similar to Netcat with custom features.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Know the dangers of credential reuse attacks.

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

The iOS Security Testing Framework

my oscp prep collection

Fast and secure tunnels over HTTP/2

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

High-throughput fuzzer and emulator of DECREE binaries

Linux and Windows shellcode enrichment utility

retrieve information via O365 with a valid cred