1006 Open source projects that are alternatives of or similar to volana

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Hershell is a simple TCP reverse shell written in Go.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Extract subdomains from SSL certificates in HTTPS sites.

🔑 Hash type identifier (CLI & lib)

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Automation for internal Windows Penetrationtest / AD-Security

🔐 Docker Container for Penetration Testing & Security

Webshell Manager

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Overlord - Red Teaming Infrastructure Automation

Multi source CVE/exploit parser.

Awesome cloud enumerator

Web Recon & Exploitation Tool.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

One stop place for exploiting Jira instances in your proximity

Tool to communicate with RPC services and check misconfigurations on NFS shares

Pentest Report Generator

Web path scanner

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A collection of various GitHub gists for hackers, pentesters and security researchers

RFD Checker - security CLI tool to test Reflected File Download issues

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Responsive Command and Control System

OSINT Swiss Army Knife

A curated list of awesome infosec courses and training resources.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Most usable tools for iOS penetration testing

Vulnerability Dashboard

Awesome Node.js Security resources

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Offensive tools as Dockerfiles. Lightweight & Ready to go

This challenge is Inon Shkedy's 31 days API Security Tips.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Monitoring GitLab for sensitive data shared publicly

Selenium powered Python script to automate searching for vulnerable web apps.

整理一些内网常用渗透小工具

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

generates weak passwords based on current date

Quick SQL Scanner, Dorker, Webshell injector PHP

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

Monitoring GitHub for sensitive data shared publicly

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

🖖 Fast, modern, easy-to-use network scanner

Pentest: Subdomains enumeration tool for penetration testers.

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

A tool for generating reverse shell payloads on the fly.

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Turn your VPS into an attack box

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Microarchitectural exploitation and other hardware attacks.