821 Open source projects that are alternatives of or similar to Xshock

👨‍💻👩‍💻100 Days Of SwiftUI free course from Hacking with Swift. 👨‍💻👩‍💻

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Apache Solr Injection Research

Penetration Testing notes, resources and scripts

🐳 Full-fledged Android SDK Docker Image

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

无状态子域名爆破工具

Email recon made fast and easy, with a framework to build on

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Ruby on Rails Phishing Framework

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

An HTTP/HTTPS intercept proxy written in Go.

for mass exploiting

tool to extract passwords from TeamViewer memory using Frida

Repo for YouTube series

CTF (Capture The Flag) writeups, code snippets, notes, scripts

📟Binary Hacking Course

A front-end JavaScript toolkit for creating DNS rebinding attacks.

Automatically Launch Google Hacking Queries Against A Target Domain

Writeups for infosec Capture the Flag events by team Galaxians

ODAT: Oracle Database Attacking Tool

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Rust code to show how hooking in rust with a dll works.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

OneForAll是一款功能强大的子域收集工具

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

A tool to automate penetration tests

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Abusing Impersonation Privileges on Windows 10 and Server 2019

SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique

It's a simple tool for test vulnerability shellshock

👥😈 Infect a pc with badusb and establish a connection through telegram.

HULK DoS tool ported to Go with some additional features.

The Web Application Hacker's Handbook - Extra Content

👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

Proves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems

(Not actively maintained, use DRV3-Sharp) Tools for extracting and re-injecting files for Danganronpa V3 for PC.

🎯 Advanced debugging skills used in the iOS project development process, involves the dynamic debugging, static analysis and decompile of third-party libraries. iOS 项目开发过程中用到的高级调试技巧，涉及三方库动态调试、静态分析和反编译等领域

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

DNS Rebinding Exploitation Framework

🎯 XML External Entity (XXE) Injection Payload List

Powerfull XSS Scanning and Parameter analysis tool&gem

[Solo para programadores] Troyano espía | Keylogger solo para Windows, se replica en el sistema y se inicia automaticamente al iniciar sesión. | Envío de registro mediante [Base de Datos], [Gmail] o [BotTelegram].

📓 Some security related notes

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Search for Directory Traversal Vulnerabilities

Damn Vulnerable Web Application (DVWA)

Quickly analyze and reverse engineer Android packages

Making Favicon.ico based Recon Great again !

A collection of android Exploits and Hacks

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

A list of resources for those interested in getting started in bug bounties

linux post-exploitation framework made by linux user

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

A curated list of awesome privilege escalation

C# Hacking library for making PC game trainers.

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Tools, tips, tricks, and more for exploring ICS Security.

Extract endpoints from APK files