572 Open source projects that are alternatives of or similar to Wavecrack

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

generates weak passwords based on current date

Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.

Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Data leak checker & OSINT Tool

DLL Password Filter Implant with Exfiltration Capabilities

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Password4j is a user-friendly cryptographic library that supports Argon2, Bcrypt, Scrypt, PBKDF2 and various cryptographic hash functions.

Vulnerability Recurrence:漏洞复现记录

World's fastest and most advanced password recovery utility

Bruteforce HTTP Authentication

Open source all-in-one CLI tool to semi-automate pentesting.

Symfony Password strength and blacklisting validator bundle

The simple password manager for geeks, built with Rust.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

Collection of quality safety articles. Awesome articles.

Webshell Manager

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

A tool to test security of json web token

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Automatic SSRF fuzzer and exploitation tool

GPG symmetric password manager

nray distributed port scanner

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

See if your passwords in pass has been breached.

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

C2Hack, sharing tips and tricks for pentesters

Get All Registered Wifi Passwords from Target Computer.

macOS password generator

FPASS · 密码安全管理工具

Dump ntds.dit really fast

CODO运维工具支持：告警管理、告警自愈、项目管理、事件管理、加密解密、随机密码、提醒管理等

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

SSRF (Server Side Request Forgery) testing resources

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Fast Modular Web Interfaces Bruteforcer

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Hooks in to interesting functions and helps reverse the web app faster.

Cheetah GUI

Set of tools to audit SIP based VoIP Systems

自己收集整理自用的字典

A fast, simple, recursive content discovery tool written in Rust.

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.

Penetration tests guide based on OWASP including test cases, resources and examples.

The ultimate WinRM shell for hacking/pentesting

A Cloudflare resolver that works

Free cross-platform password manager compatible with KeePass

cve-2019-0604 SharePoint RCE exploit

Awesome Node.js Security resources

An application that serves KeePass database entries on a web frontend

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

Pop shells like a master.