5098 Open source projects that are alternatives of or similar to Ssrfmap

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Misc. Public Reports of Penetration Testing and Security Audits.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Common Web Managers Fuzz Wordlists

Pentest Lab on OpenStack with Heat, Chef provisioning and Docker

Linux Heap Exploitation Practice

A collection of pwn/CTF related utilities for Ghidra

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Pentest environment deployer (kali linux + targets) using vagrant and chef.

My solutions to the 2020 NSA Codebreaker Challenge

Exploiting challenges in Linux and Windows

Advanced Web Browser Fingerprinting

🌒 Shell command obfuscation to avoid detection systems

Hacker101 CTF Writeup

Android Kernel Exploitation

A curated list of awesome privilege escalation

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

A laboratory for learning secure web and mobile development in a practical manner.

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

🌸 Interactive shellcoding environment to easily craft shellcodes

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Vulnerability Dashboard

CTF framework and exploit development library

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🔑 Hash type identifier (CLI & lib)

Some of my public exploits

Framework for rapid development and reusable of security tools

A collection of useful links for Pentesters

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

汽车/安卓/固件/代码安全测试工具集

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

EmpireCTF – write-ups, capture the flag, cybersecurity

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Web Recon & Exploitation Tool.

A fast, simple, recursive content discovery tool written in Rust.

Sifter aims to be a fully loaded Op Centre for Pentesters

📚 VoidHack CTF write-ups

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

台大 計算機安全 - Pwn 簡報、影片、作業題目與解法 - Computer Security Fall 2019 @ CSIE NTU Taiwan

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Course materials for Modern Binary Exploitation by RPISEC

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Good to know, easy to forget information about binaries and their exploitation!

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Apache Solr Injection Research

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

Penetration tests guide based on OWASP including test cases, resources and examples.