1310 Open source projects that are alternatives of or similar to Xunfeng

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.

Find secrets on any machine from over 120 Different Signatures.

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Remote control your police scanner

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

My OSCP journey

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Simple Server Side Request Forgery services enumeration tool.

图形化漏洞利用集成工具

Privilege Escalation Enumeration Script for Windows

The knife of the Admin & Security auditor

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

This repo will contain some basic pentest/RT commands.

Vagrant VirtualBox environment for conducting an internal network penetration test

Information Security Library

Find web directories without bruteforce

yet another web fingerprinter

无状态子域名爆破工具

Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.

A repo with information about security of Ethereum Smart Contracts

Different utility scripts for pentesting and hacking.

A community collection of security reviews of open source software components.

Rockyou for web fuzzing

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

A simple wrapper for C# tools

Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation

Generates malicious LNK file payloads for data exfiltration

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

Enumerate and decrypt TeamViewer credentials from Windows registry

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.

Yet Another PHP Shell - The most complete PHP reverse shell

Exploits developed by me.

retrieve information via O365 with a valid cred

CVE-2016-8610 (SSL Death Alert) PoC

An automated target reconnaissance pipeline.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Automation Capable Multi Search 64 Bit Windows Memory Scanner

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

LLMNR/NBNS/mDNS Spoofing Detection Toolkit

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

This repository houses the interactions, consultations and work management to support the maintenance of baselined components of the Consumer Data Right API Standards and Information Security profile.

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

A curated list of awesome OSCP resources

Some of my public exploits

Audit your public Google Drive files.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Get GTFOBins info about a given exploit from the command line

Awesome Nmap Grep

Take any phone-taken picture and turn it into a document scan.

Some exploits, which I’ve created during my OSCE preparation.

web-based OSINT and reconaissance toolkit

一款监控端口变化的系统——beholder_scanner端

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A fully automatic wifi deauther coded in Python

A backdoor with a multitude of features.

An automated e-mail OSINT tool