1013 Open source projects that are alternatives of or similar to Sudo_killer

A curated list of awesome privilege escalation

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

备考 OSCP 的各种干货资料/渗透测试干货资料

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

ODAT: Oracle Database Attacking Tool

Multi source CVE/exploit parser.

🔑 Hash type identifier (CLI & lib)

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

A tool to test security of json web token

MSDAT: Microsoft SQL Database Attacking Tool

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Suggests programs to run against services found during the enumeration phase of a Pentest

Web Recon & Exploitation Tool.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Privilege Escalation Enumeration Script for Windows

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

Search for Unix binaries that can be exploited to bypass system security restrictions.

Overlord - Red Teaming Infrastructure Automation

Subdomain enumeration through various techniques

Extract subdomains from SSL certificates in HTTPS sites.

A tool to automate penetration tests

This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.

Yet Another PHP Shell - The most complete PHP reverse shell

Multi OTP Spam Amp/Paralell threads

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Hacker101 CTF Writeup

Pentest Lab on OpenStack with Heat, Chef provisioning and Docker

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file

Offensive Reverse Shell (Cheat Sheet)

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams

Open Redirect Payloads

👻Impost3r -- A linux password thief

Micro-framework for rapid development of reusable security tools

This powershell script has got to run in remote hacked windows host, even for pivoting

Penetration Testing notes, resources and scripts

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

Fast directory scanning and scraping tool

CVE-2016-8610 (SSL Death Alert) PoC

hydra

A collection of curated Java Deserialization Exploits

C2/post-exploitation framework

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Automate Pentest Tool

Collection of things made during my OSCP journey

Hacking Toolkit

Exploit Pack -The next generation exploit framework