1042 Open source projects that are alternatives of or similar to Serpentine

Seven different DLL injection techniques in one single project.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Flexible Rule-Based Proxy

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A collaborative review of the emerging COVID-19 literature. Join the chat here:

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

A pure-Python ARP Cache Poisoning (a.k.a "ARP Spoofing") tool

记录自己编写、修改的部分工具

Collection of quality safety articles. Awesome articles.

一键安装 trojan v2ray xray. Install v2ray / xray (VLESS) and trojan (trojan-go) script

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

红队作战中比较常遇到的一些重点系统漏洞整理。

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

A collection of public offensive and defensive security related scripts for InfoSec students.

Windows, OS X and linux RAT client

🐶 A curated list of Web Security materials and resources.

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

A static analyzer for PE executables.

Python Remote Administration Tool (RAT)

A repository of tools for pentesting of restricted and isolated environments.

GitBook: OSCP RoadMap

最优雅的跨平台代理客户端，支持Shadowsocks(R)，V2Ray和Trojan协议。The most elegant cross-platform proxy GUI client that supports Shadowsocks(R), V2Ray, and Trojan. Built with Qt5 and QML2.

Gorsair hacks its way into remote docker containers that expose their APIs

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

IPv6 attack toolkit

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

A powerful C keylogger for Windows.

A collection of Ansible roles for automating infosec builds.

websocket proxy on heroku

（VLESS+TCP+TLS/VLESS+TCP+XTLS/VLESS+gRPC+TLS/VLESS+WS+TLS/VMess+TCP+TLS/VMess+WS+TLS/Trojan+TCP+TLS/Trojan+gRPC+TLS/Trojan+TCP+XTLS）+伪装站点、八合一共存脚本，支持多内核安装

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Automated Security Testing For REST API's

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

IlluminateJS is a static JavaScript deobfuscator

Scanner, signatures and the largest collection of Magento malware

Intercepting TCP proxy to modify raw TCP streams using modules on incoming or outgoing traffic

DotDotPwn - The Directory Traversal Fuzzer

Python Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles

Android Anti-Emulator

ipsets dynamically updated with firehol's update-ipsets.sh script

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

SSH man-in-the-middle tool

Modern tactical exploitation toolkit.

Collection of the cheat sheets useful for pentesting

Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler

A collection of manifests that will create pods with elevated privileges.

DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

轻量高效的 Trojan 代理，使用 Rust 实现

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox and it is able to scan Android devices against VT and HA.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

BlackRAT - Java Based Remote Administrator Tool

Automated Use Case Testing

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.