689 Open source projects that are alternatives of or similar to Sleight

Wiki to collect Red Team infrastructure hardening resources

A bash script for recon and DOS attacks

A collection of useful scripts for Cobalt Strike

Fast browser-based network discovery module

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Python 3.5+ DNS asynchronous brute force utility

Linux Rootkits (4.x Kernel)

The Collective. A repo for a collection of red-team projects found mostly on Github.

This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Go-deliver is a payload delivery tool coded in Go.

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

DNS Rebinding Exploitation Framework

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

The all-in-one Red Team extension for Web Pentester 🛠

🦄🔒 Awesome list of secrets in environment variables 🖥️

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

🔪 Leak git repositories from misconfigured websites

🔨 A modern multiple reverse shell sessions manager wrote in go

This repo will contain some basic pentest/RT commands.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

The Shadow Attack Framework

OCaml Build Infrastructure

Serve your Rubix ML models in production with scalable stand-alone model inference servers.

Simple multi threaded tool to extract domain related data from commoncrawl.org

Blockchain infrastructure for decentralized machine learning (decentralized-ml repo).

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Single-file PHP shell

a lightweight, security focused, BDD test framework against terraform.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

A repo with information about security of Ethereum Smart Contracts

The Last Web Recon Tool You'll Need

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

A task based API for taking screenshots and scraping text from websites.

The ContainerSSH website

A Hashcat wrapper for distributed hashcracking

Dump exposed HTTP .git fast

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Chef Infra, a powerful automation platform that transforms infrastructure into code automating how infrastructure is configured, deployed and managed across any environment, at any scale

Find web directories without bruteforce

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Semi-automatic OSINT framework and package manager

🚦 Microservices Status Page. Monitors a distributed infrastructure and sends alerts (Slack, SMS, etc.).

Provides an extensible solution for creating Data Processing Pipelines in F#.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

A curated list of awesome OSCP resources

Configuration management tool inspired by Chef, but simpler and lightweight. Formerly known as Lightchef.

A simple keylogger for Windows, Linux and Mac

Allows OpenNebula to manage Linux Containers via LXD

online port scan scraper

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡