153 Open source projects that are alternatives of or similar to Windows

Web Recon & Exploitation Tool.

Scripts, plugins, and information for working with Samsung's Shannon baseband.

Sifter aims to be a fully loaded Op Centre for Pentesters

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

Subaru StarLink persistent root code execution.

RAIR: RAdare In Rust

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

Advanced Web Browser Fingerprinting

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

CMS auto detect and exploit.

NTPD remote DOS exploit and vulnerable container

Automated Mass Exploiter

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

r2 the Rhme3! The RHme (Riscure Hack me) is a low level hardware CTF that comes in the form of an Arduino board (AVR architecture). It involves a set of SW and HW challenges to test your skills in different areas such as side channel analysis, fault injection, reverse-engineering and software exploitation. In our talk we will briefly recap RHme2…

A collection of pwn/CTF related utilities for Ghidra

Automatic Exploit Generation Paper

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Solutions for ROP Emporium challenges (https://ropemporium.com/) in python.

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

A collection of useful links for Pentesters

AndroRAT | Remote Administrator Tool for Android OS Hacking

MS17-010: Python and Meterpreter

🌒 Shell command obfuscation to avoid detection systems

Course materials for Modern Binary Exploitation by RPISEC

Format string exploitation helper

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)

Challenges and vulnerabilities exploitation.

fireELF - Fileless Linux Malware Framework

EmpireCTF – write-ups, capture the flag, cybersecurity

Exploit Pack -The next generation exploit framework

Microarchitectural exploitation and other hardware attacks.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

Attify OS - Distro for pentesting IoT devices

You are probably looking for: https://github.com/ViRb3/magisk-frida

A container analysis and exploitation tool for pentesters and engineers.

Fast, parallel, cross-variant ROP/JOP gadget search for x86/x64 binaries.

🌸 Interactive shellcoding environment to easily craft shellcodes

block game military grade radar

Automatic SQL injection and database takeover tool

A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative

An IDA Pro plugin to examine the glibc heap, focused on exploit development

An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit

Linux Heap Exploitation Practice

Cheatsheet to exploit and learn SQL Injection.

A collection where my current and future writeups for exploits/CTF will go

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Find exploitable PHP files by parameter fuzzing and function call tracing

mXtract - Memory Extractor & Analyzer

Medfusion 4000 security research & a MQX RCE.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Linux Binary Exploitation

UNIX-like reverse engineering framework and command-line toolset.

Notes for taking the OSCP in 2097. Read in book form on GitBook

Android Kernel Exploitation