403 Open source projects that are alternatives of or similar to Umbrella

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Best Tool For Phishing, Future Of Phishing

A Cloudflare resolver that works

Tool to communicate with RPC services and check misconfigurations on NFS shares

hydra

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

Pop shells like a master.

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法，仅15行代码！

Phishing Facebook Page in Django Code(Python Based)

Tool for catching and logging different types of requests.

Social Media Hacking & Information Tool

Fast directory scanning and scraping tool

Custom security distro for remote penetration testing

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Intelligent threat hunter and phishing servers

Penetration Testing notes, resources and scripts

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Let's track phishing kits to give to research community raw material to study !

Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.

Hershell is a simple TCP reverse shell written in Go.

nuclei framework scripts

Script collection to bypass Network Access Control (NAC, 802.1x)

Fast website scraper and wordlist generator

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

Using Social Engineering To Obtain WiFi Passwords

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

BloodHound Docker Ready to Use

Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]

ThePhish: an automated phishing email analysis tool

Quickly analyze and reverse engineer Android packages

GoPhish Templates that I have retired and/or templates I've recreated.

nray distributed port scanner

Phishing dataset with more than 88,000 instances and 111 features. Web application available at. https://gregavrbancic.github.io/Phishing-Dataset/

A curated list of awesome privilege escalation

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Open and collaborative content from leet hackers!

Sifter aims to be a fully loaded Op Centre for Pentesters

汽车/安卓/固件/代码安全测试工具集

A list of payload and bypass lists for penetration testing and red team infrastructure build.

This is a Phishing tool. Phishing is a type of hacking also called credential harvesting. It creates fake websites for victims to login which saves their login info which includes IP, User-Agent, Username and Password to a file in the computer running Blackeye. This tool has been there for Linux and even Android via Termux. I converted it to Win…

A fully featured Windows backdoor that uses Gmail as a C&C server

An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.

Find exploits in local and online databases instantly

Pentest: Subdomains enumeration tool for penetration testers.

SS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/

Bash script which installs and runs the Fluxion tool inside Termux, a wireless security auditing tool used to perform attacks such as WPA/WPA2 cracking and MITM attacks.

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

Misc. Public Reports of Penetration Testing and Security Audits.

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

Multiplatform payload dropper

Intelligence and Reconnaissance Package/Bundle installer.

Community-built scenarios for Wifiphisher

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

A wrapper for Nmap to quickly run network scans

Webshell Manager

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.