530 Open source projects that are alternatives of or similar to Shellab

Fast Modular Web Interfaces Bruteforcer

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A swiss army knife for pentesting networks

Script to automate PUT HTTP method exploitation to get shell

Simple multi threaded tool to extract domain related data from commoncrawl.org

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

HackSys Extreme Vulnerable Windows Driver

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Course materials for Modern Binary Exploitation by RPISEC

Tools for Bug Hunting

Directory/File, DNS and VHost busting tool written in Go

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

NetCat for Windows

A collection of manifests that will create pods with elevated privileges.

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Python network tool, similar to Netcat with custom features.

Set of tools to audit SIP based VoIP Systems

The Last Web Recon Tool You'll Need

Handbook of information collection for penetration testing and src

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Fast web fuzzer written in Go

iOS/macOS/Linux Remote Administration Tool

A WebKit exploit using CVE-2018-4441 to obtain RCE on PS4 6.20.

Subaru StarLink persistent root code execution.

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Exploitation on ARM-based Systems (Troopers18)

A framework for Backdoor development!

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Intelligence and Reconnaissance Package/Bundle installer.

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

A container analysis and exploitation tool for pentesters and engineers.

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

Extract endpoints from APK files

BlackRAT - Java Based Remote Administrator Tool

Enumerate and decrypt TeamViewer credentials from Windows registry

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Exploit pack for pentesters and ethical hackers.

Idiomatic nmap library for go developers

Blazefox exploits for Windows 10 RS5 64-bit.

The Collective. A repo for a collection of red-team projects found mostly on Github.

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

Burpsuite-Plugins-Usage

[POC] Asynchronous reverse shell using the HTTP protocol.

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

A Hashcat wrapper for distributed hashcracking

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

AWS Identity and Access Management Visualizer and Anomaly Finder

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Rockyou for web fuzzing

web-based OSINT and reconaissance toolkit

A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation