1086 Open source projects that are alternatives of or similar to Traitor

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Get GTFOBins info about a given exploit from the command line

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Linux enumeration tool for pentesting and CTFs with verbosity levels

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Automated Mass Exploiter

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

The Swiss Army knife for automated Web Application Testing

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Collection of things made during my OSCP journey

My proof-of-concept exploits for the Linux kernel

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

A default credential scanner.

An OSINT Metadata analyzing tool that filters through tags and creates reports

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Find cloud assets that no one wants exposed 🔎 ☁️

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Cameradar hacks its way into RTSP videosurveillance cameras

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A Blazing fast Security Auditing tool for Kubernetes

Dashboard to collect, analyze, and respond to reported phishing emails.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

A collection of links related to Linux kernel security and exploitation

A collection of hacking / penetration testing resources to make you better!

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Python script to decrypt passwords stored by mRemoteNG

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

DeimosC2 is a Golang command and control framework for post-exploitation.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A collection of awesome security hardening guides, tools and other resources

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Most usable tools for iOS penetration testing

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

All-in-one tool for managing vulnerability reports from AppSec pipelines

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Tool made to automate tasks of pentesting.

protocol fuzzing toolkit

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Search for Unix binaries that can be exploited to bypass system security restrictions.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Common password pattern generator using strings list

gtfo, now with the speed of golang

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Brahma - Privilege elevation exploit for Nintendo 3DS

🔑 Hash type identifier (CLI & lib)

This powershell script has got to run in remote hacked windows host, even for pivoting

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Webshell Manager

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Collection of different exploits

Misc. Public Reports of Penetration Testing and Security Audits.