1146 Open source projects that are alternatives of or similar to Vailyn

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

整理一些内网常用渗透小工具

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Multi source CVE/exploit parser.

Static and dynamic Android application security analysis

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

NetCat for Windows

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Network Vulnerability Scanner

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Go library for credentials recovery

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

It's a Docker Environment for pentesting which having all the required tool for VAPT.

🌒 Shell command obfuscation to avoid detection systems

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

an easy pentesting tool.

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Notes for taking the OSCP in 2097. Read in book form on GitBook

Penetration Testing Platform

mXtract - Memory Extractor & Analyzer

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Automated Penetration Testing Framework

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Safety checks your installed dependencies for known security vulnerabilities

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Awesome cloud enumerator

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

🔪 Leak git repositories from misconfigured websites

OSINT Tool: Generate username lists for companies on LinkedIn

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Tool Information Gathering Write By Python.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Fast and customizable vulnerability scanner based on simple YAML based DSL.

A REST API security testing framework.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Python3 tool to perform password spraying using RDP

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

A web front-end for password cracking and analytics

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Idiomatic nmap library for go developers

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Next generation web scanner

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Browse and search through nmap's NSE scripts.

Gorsair hacks its way into remote docker containers that expose their APIs

Ruby on Rails Phishing Framework

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

🐶 A curated list of Web Security materials and resources.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Responsive Command and Control System