821 Open source projects that are alternatives of or similar to Xshock

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Docker security analysis & hacking tools

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password together from recent uploads from https://pastebin.com. Bruteforce support for spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts

🤖 The Modern Port Scanner 🤖

Wireless USB Rubber Ducky triggered via BLE (make your Ubertooth quack!)

Code for my 0x00sec.org posts

This is a multi-use bash script for Linux systems to audit wireless networks.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

The DevSecOps toolset for REST APIs

👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

Social engineering tool [Access Webcam & Microphone & Location Finder] With Python

Read and write process memory in Node.js (Windows API functions exposed via Node bindings)

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Creative and unusual things that can be done with the Windows API.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

(Not actively maintained, use DRV3-Sharp) Tools for extracting and re-injecting files for Danganronpa V3 for PC.

phishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.

Hacking IKEA TRÅDFRI products, such as light bulbs, window blinds and other accessories.

Social media hunter

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

🎯 Advanced debugging skills used in the iOS project development process, involves the dynamic debugging, static analysis and decompile of third-party libraries. iOS 项目开发过程中用到的高级调试技巧，涉及三方库动态调试、静态分析和反编译等领域

Everything needed for doing CTFs

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Mirror of my favourite hacking Zines for the lulz, nostalgy, and reference

整理一些内网常用渗透小工具

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

🎯 XML External Entity (XXE) Injection Payload List

🍰 Trace objc method call for ios and mac

Powerfull XSS Scanning and Parameter analysis tool&gem

CatchME - WiFi Fun Box "Having Fun with ESP8266"

Quick SQLMap Tamper Suggester

Enumerate information from NTLM authentication enabled web endpoints 🔎

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

JSshell - JavaScript reverse/remote shell

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Search for Directory Traversal Vulnerabilities

Auto IP or Domain Attack Tool ( #1 )

Damn Vulnerable Web Application (DVWA)

A simple keylogger for Windows, Linux and Mac

Social media & camera hacking & whatsapp virus & SMS bombing

Clear all your logs in [linux/windows] servers 🛡️

Python3 tool to perform password spraying using RDP

Install And Use Kali Linux With Gui In Termux

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

A collection of android Exploits and Hacks

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

Raptor - WAF - Web application firewall using DFA [ Current version ] - Beta

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

The linux choice collection tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

An HTTP based RAT (Remote Administration Tool) that allows you to remotely control devices from your browser

Hatch is a brute force tool that is used to brute force most websites

Privilege Escalation Enumeration Script for Windows

SkyRAT - Powershell Remote Administration Tool

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

Open Redirect Payloads