796 Open source projects that are alternatives of or similar to Shell Backdoor List

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…

An Python Script For Generating Payloads that Bypasses All Antivirus so far .

ParadoxiaRat : Native Windows Remote access Tool.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Pwning the Nuro issued Huawei HG8045Q

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

A list of web application security

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

Clear all your logs in [linux/windows] servers 🛡️

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

A Router WiFi key recovery/cracking tool with a twist.

🎯 SQL Injection Payload List

Apache Tomcat auto WAR deployment & pwning penetration testing tool.

🎯 XML External Entity (XXE) Injection Payload List

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

A list of resources for those interested in getting started in bug bounties

WebShell Backdoor Framework

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

Python library and CLI for the Bug Bounty Recon API

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Web application vulnerability scanner

ASP.NET View State Decoder

Source code for Hacker101.com - a free online web and mobile security class.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Personal CTF Toolkit

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

An HTTP/HTTPS intercept proxy written in Go.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Making Favicon.ico based Recon Great again !

Python network worm that spreads on the local network and gives the attacker control of these machines.

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Stop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

Free advanced and modern Windows botnet with a nice and secure PHP panel.

locate and attack Lync/Skype for Business

(deprecated) Android application vulnerability analysis and Android pentest tool

个人笔记汇总

A tool which utilizes Shodan to detect vulnerable IoT devices.

Python 3 IRC Bot / Botnet

Good resources about web security that I have read.

Web Application Security Scanner Framework

Xamarin Forms Modern Chat Using SignalR ASP.NET

A simple C# helper class for ASP.NET Core to generate a random password with custom strength requirements: min length, uppercase, lowercase, digits & more

Complete Listing and Usage of Tools used for Ethical Hacking

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

Top 100 Hacking & Security E-Books (Free Download)

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

使用 Vue.js + ASP.NET 搭建的 FFMpeg 的 Web GUI 平台，支持视频转码、拼接视频、合并音视频等操作。并有使用 WPF 技术的 Windows 桌面端。

ATT&CK实操

Open Source Reporting tool for .NET6/.NET Core/.NET Framework that you can embed in your application and generate dashboards and ad hoc reports

Inventory Management System by asp.net and MSSQL

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

My personal unique wiki for hacking the router firmware used by (Telia)TG799vac Xtream v17.2-MINT delivered from Technicolor