1936 Open source projects that are alternatives of or similar to Thc Archive

RubberDucky like payloads for DigiSpark Attiny85

Quickly analyze and reverse engineer Android packages

This powershell script has got to run in remote hacked windows host, even for pivoting

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Notes about attacking Jenkins servers

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Tool Information Gathering Write By Python.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

XSS'OR - Hack with JavaScript.

The all-in-one Red Team extension for Web Pentester 🛠

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Hacker101 CTF Writeup

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Extract subdomains from SSL certificates in HTTPS sites.

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

OSINT Tool: Generate username lists for companies on LinkedIn

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

The LAZY script will make your life easier, and of course faster.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Multi source CVE/exploit parser.

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Quick SQL Scanner, Dorker, Webshell injector PHP

Chromepass - Hacking Chrome Saved Passwords

A curated list of awesome privilege escalation

Python3 tool to perform password spraying using RDP

Automated Pentest Tools Designed For Parrot Linux

hacker, ready for more of our story ! 🚀

A collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff

Cheat-Sheet of tools for penetration testing

Boxer: A fast directory bruteforce tool written in Python with concurrency.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Log any method call of object in Objective-C

Some of my public exploits

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

NetCat for Windows

Web application vulnerability scanner

Collection of several DDos tools.

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Go library for credentials recovery

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

WordPress pentest tool

Tool to communicate with RPC services and check misconfigurations on NFS shares

JSON RSA to HMAC and None Algorithm Vulnerability POC

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Exploiting challenges in Linux and Windows