1480 Open source projects that are alternatives of or similar to Writeups

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

🔑 Hash type identifier (CLI & lib)

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Multi source CVE/exploit parser.

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Argus Advanced Remote & Local Keylogger For macOS and Windows

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Penetration test Achieve Knowledge Unite Rapid Interface

Penetration tests guide based on OWASP including test cases, resources and examples.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

PatrowlHears - Vulnerability Intelligence Center / Exploits

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Linux enumeration tool for pentesting and CTFs with verbosity levels

Sifter aims to be a fully loaded Op Centre for Pentesters

A tool that automates the process of enumeration

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

🆕 The Multi-Tool Web Vulnerability Scanner.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

🔐 Docker Container for Penetration Testing & Security

Git All the Payloads! A collection of web attack payloads.

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Hourly updated database of exploit and exploitation reports

Pentest Report Generator

Awesome Node.js Security resources

CyberQueens lesson materials - learning resources and exercises for aspiring reverse engineers, exploit developers, and hackers 👩‍💻👨‍💻

Offensive Reverse Shell (Cheat Sheet)

recon-ng modules for Censys

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

A Highly Accessible and Automated Virtualization Platform for Security Education

Repository of my CTF writeups

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

List of every possible vulnerabilities in computer security.

Exploiting challenges in Linux and Windows

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

Collection of several DDos tools.

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

Bash script for CTF automating basic enumeration

Suggests programs to run against services found during the enumeration phase of a Pentest

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

dr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>

Python Program to obfuscate URLs to make Phishing attacks more difficult to detect. Uses Active open redirect list and other URL obfuscation techniques.

🌒 Shell command obfuscation to avoid detection systems

Get GTFOBins info about a given exploit from the command line

Linux kernel development & exploitation lab.

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Automated script to run all modules for a specified list of domains, netblocks or company name