1239 Open source projects that are alternatives of or similar to Thc Hydra

Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.

Web path scanner

Password lists with top passwords to optimize bruteforce attacks

A tool to automate penetration tests

phpMyAdmin Authentication Bruteforce Tool

bruteforcing gmail (TLS/SSL)

generates weak passwords based on current date

Yet Another PHP Shell - The most complete PHP reverse shell

Next generation web scanner

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

🔐 Docker Container for Penetration Testing & Security

A tool to test security of json web token

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

A wrapper for Nmap to quickly run network scans

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Fast Modular Web Interfaces Bruteforcer

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Instagram multi-bruteforce Platfrom

Automated Bitcoin wallet generator that with mnemonic and passphrases bruteforces wallet addresses

Hacking Toolkit

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Penetration Testing notes, resources and scripts

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Set of tools to audit SIP based VoIP Systems

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

SSRF (Server Side Request Forgery) testing resources

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

备考 OSCP 的各种干货资料/渗透测试干货资料

Extract subdomains from SSL certificates in HTTPS sites.

Relational database brute force and post exploitation tool for MySQL and MSSQL

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

network reconnaissance toolkit

Subdomain enumeration through various techniques

Vagrant VirtualBox environment for conducting an internal network penetration test

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Multi source CVE/exploit parser.

Open Redirect Payloads

Proof -Of-Concept Brute Force Login on a web-site with a good dictionary of words

Quick SQL Scanner, Dorker, Webshell injector PHP

WordPress pentest tool

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Steganography brute-force utility to uncover hidden data inside files

Powerful mutable web directory fuzzer to bruteforce existing and/or hidden files or directories.

brute force SSH public-key authentication

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Multi OTP Spam Amp/Paralell threads

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Sifter aims to be a fully loaded Op Centre for Pentesters

CVE-2016-8610 (SSL Death Alert) PoC

The LAZY script will make your life easier, and of course faster.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.