2782 Open source projects that are alternatives of or similar to Vulnx

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

NERVE Continuous Vulnerability Scanner

Free advanced and modern Windows botnet with a nice and secure PHP panel.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

It's a simple tool for test vulnerability shellshock

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Next generation web scanner

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Crawler (Bot) searching for credential leaks on different paste sites.

network reconnaissance toolkit

🔨 Manage your website via terminal

Log any method call of object in Objective-C

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Chromepass - Hacking Chrome Saved Passwords

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

A Linux packet crafting tool.

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

Patch iOS Apps, The Easy Way, Without Jailbreak.

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Track any ip address with IP-Tracer. IP-Tracer is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracer.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

🤖 The Modern Port Scanner 🤖

OSINT Swiss Army Knife

Sifter aims to be a fully loaded Op Centre for Pentesters

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

The Web Application Hacker's Handbook - Extra Content

[Solo para programadores] Troyano espía | Keylogger solo para Windows, se replica en el sistema y se inicia automaticamente al iniciar sesión. | Envío de registro mediante [Base de Datos], [Gmail] o [BotTelegram].

Quickly analyze and reverse engineer Android packages

Automatically Launch Google Hacking Queries Against A Target Domain

fireELF - Fileless Linux Malware Framework

Penetration Testing notes, resources and scripts

Attack Surface Management Platform | Sn1perSecurity LLC

Attack surface mapping

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.

Automated Mass Exploiter

Find web directories without bruteforce

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

Drone pentesting framework console

红队综合渗透框架

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

Open Source Information Facebook

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Auto Scanning to SSL Vulnerability

Fast and customizable vulnerability scanner based on simple YAML based DSL.