1013 Open source projects that are alternatives of or similar to Sudo_killer

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

network visualization & vulnerability management/reporting

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

A list of resources for those interested in getting started in bug bounties

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

Notes about attacking Jenkins servers

Wordpress Attack Suite

Decrypted content of eqgrp-auction-file.tar.xz

CVE-2018-8120 Windows LPE exploit

EmpireCTF – write-ups, capture the flag, cybersecurity

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

CTF🚩 AWD (Attack with Defense) 线下赛平台 / AWD platform - 欢迎 Star~ ✨

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Open Redirect scanner - (out of date)

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

Tutorials written by me.

CTF writeups

Writeup of CVE-2020-15906

瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf

Resources for Windows exploit development

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Just some exploits :P

The Web Application Hacker's Handbook - Extra Content

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Vulnerability Labs for security analysis

A Game platform to spread awareness among school and university students about various cyber attacks.

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

Exploiting Edge's read:// urlhandler

Password-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/

A collection of pwn/CTF related utilities for Ghidra

A collection of various GitHub gists for hackers, pentesters and security researchers

Black Hat Python workshop for Disobey 2019

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

kernel privilege escalation enumeration and exploitation framework

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

A tool for fuzzing for ports that allow outgoing connections

Educational, CTF-styled labs for individuals interested in Memory Forensics

🏴 🏴 🏴

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

Ladon Moudle MS17010 Exploit for PowerShell

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Python3 tool to perform password spraying using RDP

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

An Easy / Quick / Cheap Integrated Platform

Windows 权限提升 BadPotato

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

For effective cheating detection in competitions. Utilizes Linux Kernel Module (LKM) for generating flags.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.