1253 Open source projects that are alternatives of or similar to ShonyDanza

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

Port of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel

Unstripped iOS kernel extensions and more. More coming soon.

A docker image which will enumerate, sort, unique and resolve the results of various subdomains enumeration tools.

Some Generic Browser Exploits (For Educational Purposes Only)

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

Related subdomains finder

Facebook Write-ups, PoC, and exploitation codes:

CLI program that collects information from facebook user profiles via Selenium.

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

Deskew is a command line tool for deskewing scanned text documents. It uses Hough transform to detect "text lines" in the image. As an output, you get an image rotated so that the lines are horizontal.

Anti-malware for Android using machine learning

An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

⛔🛡️ WeDefend - Monitor and Protect Windows from Remote Access Trojan

MultiAV scanner with Python and JSON REST API using Malice Docker AV Containers and Docker-Machine based Autoscaling

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

Multi source CVE/exploit parser.

Wazuh - Amazon AWS Cloudformation

A simple remote tool in C#.

ICS security resources

🔍 IRIS: An open-source intelligence framework

bingip2hosts is a Bing.com web scraper that discovers websites by IP address

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Toolset for detecting reflected xss in websites

Collection of different exploits

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

网络安全 · 攻防对抗 · 蓝队清单，中文版

异步漏洞利用框架

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Static and dynamic Android application security analysis

台大 計算機安全 - Pwn 簡報、影片、作業題目與解法 - Computer Security Fall 2019 @ CSIE NTU Taiwan

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Collecting IOCs posted on Twitter

Python-based CLI Password Analyser (Reporting Tool)

It records your terminal, then lets you upload to ASHIRT

A C2 post-exploitation framework

🔍 A Complete Osint Tool

A dictionary attack tool for PostgreSQL and MSSQL

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Exploring in-memory execution of .NET

Converting data from services like Censys and Shodan to a common data model

Captive wifi hotspot bypass tool for Linux

A binary visualization tool to aid with reverse engineering and malware detection similar to Cantor.Dust

PowerShell SOCKS proxy with reverse proxy capabilities

This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).

A shot-for-shot remake of the Google Login Page.

asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning.

Gosint is a distributed asset information collection and vulnerability scanning platform

Collect email addresses by crawling search engine results.

Bifrost C2. Open-source post-exploitation using Discord API

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

Offensive Reverse Shell (Cheat Sheet)

Exploits developed by me.

Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.

A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)

Argus Advanced Remote & Local Keylogger For macOS and Windows