1239 Open source projects that are alternatives of or similar to Thc Hydra

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Wi-Fi sploit is a password cracker for an admin page of a Wi-Fi Router.

A simple SSH bruteforce script targeting (not necessarily) Raspbian devices.

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Simple directory brute-force tool written with python.

Kali Live Build Scripts

Bitcoin private key brute force tool, written in python. Also can be used as a bitcoin wallet generator.

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Command line tool that allows you to explore IoT devices by using Shodan API.

Automate Pentest Tool

Web Recon & Exploitation Tool.

C2/post-exploitation framework

ODAT: Oracle Database Attacking Tool

NetCat for Windows

Automated WPA/WPA2 PSK attack tool.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Bruteforce HTTP Authentication

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

An SNMPv3 User Enumerator and Attack tool

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Automated Penetration Testing Framework

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Penetration Testing Platform

Simple Karma Attack

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Bifrost C2. Open-source post-exploitation using Discord API

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

A curated list of awesome privilege escalation

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

unix SSH post-exploitation 1337 tool

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A fast web directory/file enumeration tool written in Rust

Pentesting suite for Maltego based on data in a Metasploit database

Modular personalized dictionary generator.

HashExpoit is Great Tool For Cracking Hash

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

Domain name permutation engine written in Go

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Common Web Managers Fuzz Wordlists

simple discord nitro code generator and checker written in c#

SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By init__0 for termux on android

Offensive Reverse Shell (Cheat Sheet)

Gorsair hacks its way into remote docker containers that expose their APIs

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

It's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)

BFSG - BruteForce String Generator 😾

A Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v

(Doesn't work anymore)

RubberDucky like payloads for DigiSpark Attiny85

Cheat-Sheet of tools for penetration testing

Argus Advanced Remote & Local Keylogger For macOS and Windows

Better PHP rate limiting using Redis.

This powershell script has got to run in remote hacked windows host, even for pivoting

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.