370 Open source projects that are alternatives of or similar to Wifi Dumper

Self contained htaccess shells and attacks

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

Find cloud assets that no one wants exposed 🔎 ☁️

Penetration Test Framwork

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

WordPress pentest tool

Awesome hacking is an awesome collection of hacking tools.

Collection of several DDos tools.

Gorsair hacks its way into remote docker containers that expose their APIs

A simple, extensible C&C beaconing system.

Cameradar hacks its way into RTSP videosurveillance cameras

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

IPv6 attack toolkit

PENIOT: Penetration Testing Tool for IoT

🔄 A collection of mitmproxy inline scripts

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

Ruby on Rails Phishing Framework

Boxer: A fast directory bruteforce tool written in Python with concurrency.

A simple tool for interacting with OWASP ZAP from the commandline.

Opening the door, one reverse shell at a time

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

unix SSH post-exploitation 1337 tool

Bash script that automates the enumeration of domains and DNS servers in the active information gathering.

USB Rubber Ducky type scripts written for the DigiSpark.

Automated Pentest Tools Designed For Parrot Linux

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

DotDotPwn - The Directory Traversal Fuzzer

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

my oscp prep collection

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

pentest toolbox

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

Modern tactical exploitation toolkit.

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Common password pattern generator using strings list

A dictionary attack tool for PostgreSQL and MSSQL

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Collect email addresses by crawling search engine results.

Vagrant VirtualBox environment for conducting an internal network penetration test

Quick SQL Scanner, Dorker, Webshell injector PHP

Hack the World using Termux

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

A collection of public offensive and defensive security related scripts for InfoSec students.

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

Advanced vulnerability scanning with Nmap NSE

hydra

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Code from Blackhat Python book

Don't let buffer overflows overflow your mind

A portable console aimed at making pentesting with PowerShell a little easier.

This script will you help to find the information about the website and to help in penetrating testing