1909 Open source projects that are alternatives of or similar to Stowaway

Hashcat web interface

Intelligence and Reconnaissance Package/Bundle installer.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Advanced and easy to use penetration testing framework 💣🔎

ContainerSSH: Launch containers on demand

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Cameradar hacks its way into RTSP videosurveillance cameras

Open source pre-operation C2 server based on python and powershell

AWS Identity and Access Management Visualizer and Anomaly Finder

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

An AWS Lambda powered HTTP/SOCKS web proxy

NAT 内网穿透 远程内网计算机 域名访问内网站点 反向代理内网服务 花生壳 端口转发 http代理 微信 小程序 expose a local server behind a NAT or firewall to the internet like ngrok and frp. NAT ssh proxy tunnel reverse-proxy

A curated list of awesome privilege escalation

a (simple) dockerized ssh tunnel

ssh with promise/async await and typescript support

Command line tool to share your UNIX terminal and forward local TCP ports to people you trust.

一款体积小, 快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具 支持多连接,级联代理,传输加密 (A small volume, fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption)

tun2socks - powered by gVisor TCP/IP stack

Manage and monitor SSH connections.

A platform for building proxies to bypass network restrictions.

Android,安卓版frpc，一个快速反向代理，可帮助您将NAT或防火墙后面的本地服务器暴露给Internet。

A guide on implementing a secure Wireguard server on OVH (or any other Debian VPS) with DNSCrypt, Port Knocking & an SSH-Honeypot

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

manage SSH access to multiple applications/environments protected by bastion servers

🌒 Shell command obfuscation to avoid detection systems

🔑 Hash type identifier (CLI & lib)

Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code...

SSH tunnels to remote server.

📖《这本书能让你连接互联网》详细阐述代理、隧道、VPN运作过程，并对GFW策略如：地址端口封锁、服务器缓存投毒、数字验证攻击、SSL连接阻断做相关的原理说明

Nysocks binds kcp and libuv to provide an aggressive tcp tunnel in nodejs.

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

expose a local server to the internet. 高性能跨平台的内网穿透解决方案 远程内网计算机 域名访问内网站点 反向代理内网服务 端口转发 http代理

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Steganography brute-force utility to uncover hidden data inside files

GO Simple Tunnel - a simple tunnel written in golang

tunnels to localhost and other ssh plumbing

見える是一款 socks5 网络代理（科学上网）工具。Mieru is a socks5 proxy to bypass censorship.

Yet Another PHP Shell - The most complete PHP reverse shell

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Pentesting/Bugbounty Dockerfiles.

Remote access and tunnels to your localhost from everywhere in the world.

Rapid SSH Proxy

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

Fully automated offensive security framework for reconnaissance and vulnerability scanning

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Next generation web scanner

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

network visualization & vulnerability management/reporting

Bind and reverse connection based, SOCKS5, HTTP and PortForward based portable proxy

Overlord - Red Teaming Infrastructure Automation

Search for Directory Traversal Vulnerabilities

This repository contains full code examples from the book Gray Hat C#

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

OSINT

A tool to automate penetration tests