375 Open source projects that are alternatives of or similar to Windows Ad Environment Related

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Responsive Command and Control System

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

SSL and TLS protocol test suite and fuzzer

nnposter's alternate fingerprint dataset for Nmap script http-default-accounts

fsociety Hacking Tools Pack – A Penetration Testing Framework

Anteater - CI/CD Gate Check Framework

Technical details that a programmer of a web application should consider before making the site public.

Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.

Send encrypted PGP messages with one click

A Go implementation of dirsearch.

Android Kernel Exploitation

proxy poc implementation of STARTTLS stripping attacks

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Cybersecurity Evaluation Tool

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

🐞 Primitive Erlang Security Tool

Custom memory allocator that helps discover reads from uninitialized memory

CMS auto detect and exploit.

A tool for auditing security properties of GCP projects.

Awesome tools to exploit Windows !

Wordpress Vulnerability Scanner

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

A repository of tools for pentesting of restricted and isolated environments.

Cloud Security Posture Management (CSPM)

Automated NoSQL database enumeration and web application exploitation tool.

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Android application fuzzing framework with fuzzers and crash monitor.

🌸 Interactive shellcoding environment to easily craft shellcodes

Tool to help exploit XXE vulnerabilities

ATT&CK实操

Automated All-in-One OS Command Injection Exploitation Tool.

AD Health Check, Send HTML Email, Ping machines, Encrypt Password,Bulk Password,Microsoft Teams,Monitor Certificate expiry, Monitor cert expiry, AD attributes, IP to Hostname, Export AD group, CSV to SQL,Shutdown, Restart, Local Admin, Disk Space, Account expiry,Restore Permissions, Backup permissions, Delete Files Older Than X-Days, export DHCP options,Read Registry,Distribution group AD attributes,Monitor Windows Services,Export Reverse DNS,Task Monitor,Monitor and alert, Exchange Health check,Get Network Info, Export AD Attributes,AD group members, Office 365 Group member, SQL to CSV, Outlook save send attachments, Upload files to FTP,Exchange – Total Messages Sent Received, Set Teams Only Mode, Intune Duplicate Device,Intune Cleanup Not Evaluated, Ownership and Grant Permissions, Write Create Modify Registry , Organization Hierarchy from AD,Azure AD Privileged Identity Management,Intune – Export MAM Devices,Intune Marking devices as Corporate, Dynamic to Static Distribution Group,Monitor Alert Office 365 services,Group Member Count,Bulk Addition external users sharepoint, ADD to Exchange online License Group,All in One Office 365 Powershell,Bulk Addition of Secondary Email, Automate move mailboxes to o365, Addition Modification Termination Exchange users, Monitoring Unified Messaging port,Unified Messaging Extensions Report, Set Default Quota for SharePoint,Bulk Contact Creation and Forwarding, Uploading and Downloading files sftp, Monitoring Sftp file and download, Office 365 groups Write back, CSV parser, Email address update, Email address modify, MDM enrollment, Welcome Email, Intune Welcome Email, remove messages, remove email, SKOB to AD, SKOB to group, PowerApps report, Powerautomate Report, Flow report, Server QA, Server Check List, O365 IP range, IP range Monitor, o365 Admin Roles, memberof extraction, CSV to Excel, Skype Policy, UPN Flip, Rooms Report, License Reconciliation,Intune Bulk Device Removal, Device Removal, Clear Activesync, Lync Account Termination,Lync Account Removal, Enable office 365 services, Enable o365 Services, Export PST, Site collection Report, Office 365 Group Sites, System Admin,ActiveSync Report,White Space,Active Directory attributes, outlook automation, Intune Detect App, Distribution list Fix, Legacy DN, start service, stop service, disable service, Message tracking, Distribution lists report,Distribution groups report,Quota Report, Auto reply, out of office, robocopy multi session, Home Folder, local admin, Database, UPN SIP Mismatch, Recoverable deleted, teams number, Number assignment, teams phone, AD Group Hierarchy, Hierarchy membership, Sync Groups

Linux and Windows shellcode enrichment utility

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Exploit for CVE-2019-9810 Firefox on Windows 64-bit.

A self-service password management tool for Active Directory

CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC

Kubernetes Common Configuration Scoring System

Offensive Software Exploitation Course

Certified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting

Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A thorough library database to assist with binary exploitation tasks.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

How to prepare for OSCP complete guide

Set of tools to audit SIP based VoIP Systems

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Writeup of CVE-2020-15906

An NFC research toolkit application for Android

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.