1183 Open source projects that are alternatives of or similar to Scripts

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

Useful tools and scripts during Penetration Testing engagements

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Rubyfu, where Ruby goes evil!

Web Application Security Scanner Framework

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Web path scanner

Vagrant VirtualBox environment for conducting an internal network penetration test

安全、可靠、简单、免费的企业级蜜罐

Top 100 Hacking & Security E-Books (Free Download)

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Tool Information Gathering Write By Python.

Everything needed for doing CTFs

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Idiomatic nmap library for go developers

hacker, ready for more of our story ! 🚀

HostHunter a recon tool for discovering hostnames using OSINT techniques.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Penetration Testing notes, resources and scripts

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Ruby on Rails Phishing Framework

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Cameradar hacks its way into RTSP videosurveillance cameras

安全编排与自动化响应平台

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

Enumerate information from NTLM authentication enabled web endpoints 🔎

Free Security and Hacking eBooks

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Hacker101 CTF Writeup

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Next generation web scanner

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A list of web application security

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Tools, tips, tricks, and more for exploring ICS Security.

记录自己编写、修改的部分工具

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

OSINT Tool: Generate username lists for companies on LinkedIn

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

The New Hacking Framework

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

network reconnaissance toolkit

hack tools

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Hacking Toolkit