1299 Open source projects that are alternatives of or similar to Sublert

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

The Web Application Hacker's Handbook - Extra Content

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

A Tools Session Hijacking And Stealer Local Passcode Telegram Windows

Automated NoSQL database enumeration and web application exploitation tool.

E-mails, subdomains and names Harvester - OSINT

Quickly analyze and reverse engineer Android packages

A permutation generation tool written in golang

Pentest Report Generator

Offensive tools as Dockerfiles. Lightweight & Ready to go

Audit tool to find common vulnerabilities in PHP source code

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

Useful tools and scripts during Penetration Testing engagements

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

web scanner - exploitation - information gathering

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.

Web Application Security Scanner Framework

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Apache Solr Injection Research

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Advanced and easy to use penetration testing framework 💣🔎

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Sifter aims to be a fully loaded Op Centre for Pentesters

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Hawkeye filesystem analysis tool

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

Rubyfu, where Ruby goes evil!

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

bash scripting thing !

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Unique wordlist generator of unique wordlists.

A Golang implant that uses Slack as a command and control server

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Quick SQL Scanner, Dorker, Webshell injector PHP

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

A (partial) Python rewriting of PowerSploit's PowerView

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

OSINT Tool: Generate username lists for companies on LinkedIn

Cheat-Sheet of tools for penetration testing

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

Obtain GraphQL API Schema even if the introspection is not enabled

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

Enumerate information from NTLM authentication enabled web endpoints 🔎

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Automated script to run all modules for a specified list of domains, netblocks or company name

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

平常看到好的渗透hacking工具和多领域效率工具的集合

Everything needed for doing CTFs

Automated Red Team Infrastructure deployement using Docker

An automated approach to performing recon for bug bounty hunting and penetration testing.

🎯 XML External Entity (XXE) Injection Payload List

A tool to automate penetration tests

A curated list of awesome infosec courses and training resources.

🔎 Hunt down social media accounts by username across social networks