695 Open source projects that are alternatives of or similar to Tactical Exploitation

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Simple HS256 JWT token brute force cracker

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

A tool to automate penetration tests

Open Source Information Facebook

Dradis Framework: Colllaboration and reporting for IT Security teams

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

NetCat for Windows

metasploit-framework 图形界面 / 图形化内网渗透工具

Find emails of Github users

Penetration Testing notes, resources and scripts

SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By init__0 for termux on android

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Information Gathering tool for a Website or IP address

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

A list of web application security

The best way to scan for weak ssh passwords on your network

Hamburglar -- collect useful information from urls, directories, and files

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

ConPtyShell - Fully Interactive Reverse Shell for Windows

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Everything needed for doing CTFs

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Android Apps, Roms and Platforms for Pentesting

⚡️An awesome list of the best Termux hacking tools

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

A MongoDB importer and API for Project Sonars DNS datasets

A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

Making Favicon.ico based Recon Great again !

🔎 Hunt down social media accounts by username across social networks

a very fast brute force webshell password tool

Pentest Report Generator

🙃 Reverse Shell Cheat Sheet 🙃

A Powershell client for dnscat2, an encrypted DNS command and control tool.

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

Hacker101 CTF Writeup

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

OSINT Tool: Generate username lists for companies on LinkedIn

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

A (partial) Python rewriting of PowerSploit's PowerView

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

Next generation web scanner

A webshell framework for penetration testers.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The New Hacking Framework

An automated bitcoin wallet collider that brute forces random wallet addresses

Exploits and Security Tools Framework 2.0.1

Sifter aims to be a fully loaded Op Centre for Pentesters

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

CyberScan: Network's Forensics ToolKit

A swiss army knife for pentesting networks

Track any ip address with IP-Tracer. IP-Tracer is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracer.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Free Security and Hacking eBooks

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

A distributed nmap / masscan scanning framework complete with an API client for automation workflows