863 Open source projects that are alternatives of or similar to Uptux

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

The ultimate WinRM shell for hacking/pentesting

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

The all-in-one Red Team extension for Web Pentester 🛠

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

👻 A LAN dropbox chatbot controllable via Telegram

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

OSINT

Idiomatic nmap library for go developers

RubberDucky like payloads for DigiSpark Attiny85

HostHunter a recon tool for discovering hostnames using OSINT techniques.

DNS Rebinding Exploitation Framework

Useful tools and scripts during Penetration Testing engagements

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

OSINT Tool: Generate username lists for companies on LinkedIn

Advanced Web Shell

Quickly analyze and reverse engineer Android packages

Ruby on Rails Phishing Framework

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Vagrant VirtualBox environment for conducting an internal network penetration test

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

An automated e-mail OSINT tool

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Micro-framework for rapid development of reusable security tools

Fast browser-based network discovery module

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

🔪 Leak git repositories from misconfigured websites

A simple keylogger for Windows, Linux and Mac

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

A tool to fastly get all javascript sources/files

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

my oscp prep collection

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Set of tools to audit SIP based VoIP Systems

Hawkeye filesystem analysis tool

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Know the dangers of credential reuse attacks.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Study Notes For Web Hacking / Web安全学习笔记

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

A simple dns resolver of dns-record and web-record log server for pentesting

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

The linux choice collection tools

Do some quick reconnaissance on a domain-based web-application

An HTTP based RAT (Remote Administration Tool) that allows you to remotely control devices from your browser

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

This tool will quickly search for exploitable binaries with SUID bit set in Linux and will output the method of exploitation from GTFObins

Repository of my CTF writeups