1146 Open source projects that are alternatives of or similar to Vailyn

Web Pentesting Fuzz 字典,一个就够了。

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

Wazuh - Ruleset

Everything needed for doing CTFs

Hacking, pen-testing, and cyber-security related tools built with Python.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

Infection vector that bypasses AV, IDS, and IPS. (For now...)

This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF

hack tools

无状态子域名爆破工具

Reverse shell manager using tmux and ncat

The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法，仅15行代码！

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

🎯 XML External Entity (XXE) Injection Payload List

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

🔥 A powerful MongoDB auditing and pentesting tool 🔥

BootStomp: a bootloader vulnerability finder

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

This repository contains full code examples from the book Gray Hat C#

All MITM attacks in one place.

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

Burp extension to passively scan for applications revealing software version numbers

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

A collection of resources I'm using while working toward the OSCP

A container repository for my public web hacks!

Kubernetes Native, Runtime Container Image Scanning

Automated Mass Exploiter

Stop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Our OSCP repo: from popping shells to mental health.

A collection of Ansible roles for automating infosec builds.

DeepSea Phishing Gear

A MongoDB importer and API for Project Sonars DNS datasets

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

Simple Karma Attack

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Search for Directory Traversal Vulnerabilities

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Wazuh - Amazon AWS Cloudformation

BlackRAT - Java Based Remote Administrator Tool

Python-based CLI Password Analyser (Reporting Tool)

Open source pre-operation C2 server based on python and powershell

ODAT: Oracle Database Attacking Tool

The fastest dork scanner written in Go.

grep rough audit - source code auditing tool

A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.

CMS auto detect and exploit.

Linux Binary Exploitation

🙃 Reverse Shell Cheat Sheet 🙃

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

被动式漏洞扫描系统

A Powershell client for dnscat2, an encrypted DNS command and control tool.

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner