1044 Open source projects that are alternatives of or similar to Trigmap

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

🐶 A curated list of Web Security materials and resources.

Web Content Discovery Tool

Self contained htaccess shells and attacks

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Reverse proxies cheatsheet

Detect hidden files and text in images

A collection of various GitHub gists for hackers, pentesters and security researchers

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Bruteforce HTTP Authentication

An extensible application for penetration testers and software developers to decode/encode data into various formats.

The Shadow Attack Framework

A simple dns resolver of dns-record and web-record log server for pentesting

A tool to hunt for publicly accessible DigitalOcean Spaces

DLL Password Filter Implant with Exfiltration Capabilities

Script collection to bypass Network Access Control (NAC, 802.1x)

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

The best Hacking and PenTesting tools installer on the world

IPv6 attack toolkit

A cross-platform note-taking & target-tracking app for penetration testers.

Generate unicode evil domains for IDN Homograph Attack and detect them.

Burp Bounty profiles compilation, feel free to contribute!

A Nmap XSL implementation with Bootstrap.

A Tools Session Hijacking And Stealer Local Passcode Telegram Windows

dnsub一款好用的子域名扫描工具

Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Subdomain Takeover tool written in Go

Wordpress Attack Suite

Content for hackingthe.cloud

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Wireshark Cheat Sheet

USB Rubber Ducky type scripts written for the DigiSpark.

🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

Infection vector that bypasses AV, IDS, and IPS. (For now...)

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Easy automated vulnerability scanning, reporting and analysis

Abusing Impersonation Privileges on Windows 10 and Server 2019

Our OSCP repo: from popping shells to mental health.

Pentest environment deployer (kali linux + targets) using vagrant and chef.

A Powerful Subdomain Takeover Tool

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Generate Gmail Emailing Keyloggers to Windows.

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Fast browser-based network discovery module

DotDotPwn - The Directory Traversal Fuzzer

Work in progress...

windows-kernel-exploits Windows平台提权漏洞集合

Mass scan IPs for vulnerable services

Ransom0 is a open source ransomware made with Python, designed to find and encrypt user data.

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

OWASP WEB Directory Scanner