375 Open source projects that are alternatives of or similar to Windows Ad Environment Related

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Collection of the most common vulnerabilities found in iOS applications

A container analysis and exploitation tool for pentesters and engineers.

CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

Sifter aims to be a fully loaded Op Centre for Pentesters

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Security advisory database for Rust crates published through crates.io

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Enable drop-in Windows Single Sign On for popular Java web servers.

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

Automatic SQL injection and database takeover tool

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

一键提取安卓应用中可能存在的敏感信息。

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Web application vulnerability scanner

Simple Golang HTTPS/TLS Examples

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

Reverse-engineering tools and exploits for Samsung's implementation of TrustZone

network reconnaissance toolkit

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

Linux Heap Exploitation Practice

Automatic SSRF fuzzer and exploitation tool

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

Responsive Command and Control System

SSL and TLS protocol test suite and fuzzer

fsociety Hacking Tools Pack – A Penetration Testing Framework

Technical details that a programmer of a web application should consider before making the site public.

Send encrypted PGP messages with one click

Android Kernel Exploitation

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Cybersecurity Evaluation Tool

🐞 Primitive Erlang Security Tool

CMS auto detect and exploit.

Awesome tools to exploit Windows !

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Cloud Security Posture Management (CSPM)

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

🌸 Interactive shellcoding environment to easily craft shellcodes

ATT&CK实操

AD Health Check, Send HTML Email, Ping machines, Encrypt Password,Bulk Password,Microsoft Teams,Monitor Certificate expiry, Monitor cert expiry, AD attributes, IP to Hostname, Export AD group, CSV to SQL,Shutdown, Restart, Local Admin, Disk Space, Account expiry,Restore Permissions, Backup permissions, Delete Files Older Than X-Days, export DHCP options,Read Registry,Distribution group AD attributes,Monitor Windows Services,Export Reverse DNS,Task Monitor,Monitor and alert, Exchange Health check,Get Network Info, Export AD Attributes,AD group members, Office 365 Group member, SQL to CSV, Outlook save send attachments, Upload files to FTP,Exchange – Total Messages Sent Received, Set Teams Only Mode, Intune Duplicate Device,Intune Cleanup Not Evaluated, Ownership and Grant Permissions, Write Create Modify Registry , Organization Hierarchy from AD,Azure AD Privileged Identity Management,Intune – Export MAM Devices,Intune Marking devices as Corporate, Dynamic to Static Distribution Group,Monitor Alert Office 365 services,Group Member Count,Bulk Addition external users sharepoint, ADD to Exchange online License Group,All in One Office 365 Powershell,Bulk Addition of Secondary Email, Automate move mailboxes to o365, Addition Modification Termination Exchange users, Monitoring Unified Messaging port,Unified Messaging Extensions Report, Set Default Quota for SharePoint,Bulk Contact Creation and Forwarding, Uploading and Downloading files sftp, Monitoring Sftp file and download, Office 365 groups Write back, CSV parser, Email address update, Email address modify, MDM enrollment, Welcome Email, Intune Welcome Email, remove messages, remove email, SKOB to AD, SKOB to group, PowerApps report, Powerautomate Report, Flow report, Server QA, Server Check List, O365 IP range, IP range Monitor, o365 Admin Roles, memberof extraction, CSV to Excel, Skype Policy, UPN Flip, Rooms Report, License Reconciliation,Intune Bulk Device Removal, Device Removal, Clear Activesync, Lync Account Termination,Lync Account Removal, Enable office 365 services, Enable o365 Services, Export PST, Site collection Report, Office 365 Group Sites, System Admin,ActiveSync Report,White Space,Active Directory attributes, outlook automation, Intune Detect App, Distribution list Fix, Legacy DN, start service, stop service, disable service, Message tracking, Distribution lists report,Distribution groups report,Quota Report, Auto reply, out of office, robocopy multi session, Home Folder, local admin, Database, UPN SIP Mismatch, Recoverable deleted, teams number, Number assignment, teams phone, AD Group Hierarchy, Hierarchy membership, Sync Groups

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

A self-service password management tool for Active Directory

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

Kubernetes Common Configuration Scoring System

Certified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Linux Binary Exploitation

How to prepare for OSCP complete guide

Set of tools to audit SIP based VoIP Systems

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Writeup of CVE-2020-15906

An NFC research toolkit application for Android