1622 Open source projects that are alternatives of or similar to Spoilerwall

🔐 Docker Container for Penetration Testing & Security

A curated list of awesome privilege escalation

Pentest Lab on OpenStack with Heat, Chef provisioning and Docker

A tool to test security of json web token

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

jSQL Injection is a Java application for automatic SQL database injection.

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Hacker101 CTF Writeup

Vagrant VirtualBox environment for conducting an internal network penetration test

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Chef repository for pentesting tools

Yet Another PHP Shell - The most complete PHP reverse shell

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

Next generation web scanner

🔑 Hash type identifier (CLI & lib)

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

Hacking Toolkit

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Sifter aims to be a fully loaded Op Centre for Pentesters

Open Redirect Payloads

Quickly analyze and reverse engineer Android packages

Automatically Launch Google Hacking Queries Against A Target Domain

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Phishing Tool & Information Collector

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Intelligence and Reconnaissance Package/Bundle installer.

Centralize Vulnerability Assessment and Management for DevSecOps Team

The missing REST API package for pfSense

备考 OSCP 的各种干货资料/渗透测试干货资料

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

Framework for rapid development and reusable of security tools

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Selenium powered Python script to automate searching for vulnerable web apps.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Monitor linux processes without root permissions

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

A tool to automate penetration tests

Extract subdomains from SSL certificates in HTTPS sites.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Steganography brute-force utility to uncover hidden data inside files

Pentest environment deployer (kali linux + targets) using vagrant and chef.

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Penetration Testing notes, resources and scripts

👻Stowaway -- Multi-hop Proxy Tool for pentesters

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

🔨 A modern multiple reverse shell sessions manager wrote in go

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Passwords Recovery Tool

A fast DOM based XSS vulnerability scanner with simplicity.

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

hydra