We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
Winpayloads - Undetectable Windows Payload Generation
Undetectable Windows Payload Generation
persistence kali payloads bypass antivirus uac meter msfconsole metasploit powershell netsec undetectableSpookFlare - Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures
SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has obfuscation, encoding, run-time code compilation and character substitution features. So you can bypass the countermeasures of the target systems like a boss until they "learn" the technique and behavior of SpookFlare payloads. Special thanks to the following projects and contributors.
av-bypass loader dropper av-evasion endpoint-bypass antivirus-evasion antivirus-testing obfuscation bypassGTFOBins
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. Browse the project here.
post-exploitation unix bypass gtfobins binaries reverse-shell bind-shell exfiltration redteam blueteamcaptcha-tensorflow - Image Captcha Solving Using TensorFlow and CNN Model. Accuracy 90%+
There are several more steps to put this prototype on production. Ping me for paid technical supports.
captcha-solving tensorflow deep-learning cnn captcha captcha-tensorflow bypassThe (E)Lephant, The share sites download manager! [RapidShare MegaUpload ++]
The (E)Lephant is a project i have started about two years ago that holds the sole purpose of helping users to help users with rapidshare automatic downloading support, or any other share host for that matter! It automatically downloads from rapidshare with much more to it!
automation bypass download-manager downloader megaupload rapidshareMDownloader
A tiny application designed for downloading files available at the most popular file hosting servers. Don't click - queue it.
aforge bypass captcha dddfresh-require - Bypass the require cache when requiring a module – works with both node and browserify
Bypass the require cache when requiring a module – works with both node and browserify.Where module is the name of the module you're requiring, as you would normally pass to require. require should be your file's local require function.
browserify node require resolve cache bypass clear ignore freshmysql-unsha1 - Authenticate against a MySQL server without knowing the cleartext password
Authenticate against a MySQL server without knowing the cleartext password. This PoC shows how it is possible to authenticate against a MySQL server under certain circumstances without knowing the cleartext password when the Secure Password Authentication authentication plugin (aka mysql_native_password, the default method) is used.
mysql sha1 authentication password bypass sniffer attacker pocBurpSuiteHTTPSmuggler - A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques. This extension has been developed by Soroush Dalili (@irsdl) from NCC Group. The initial release (v0.1) only supports the Encoding capability that can be quite complicated to be performed manually. See the references for more details.
waf bypass burpsuite burpsuite-extenderbypasses - Repackaging of Bypass with additional features
See the sample for more. Image loading can be done via the ImageGetter interface. Libraries exist for Picasso and Glide.
bypass android markdown renderingBypassPicassoImageGetter - Loads images for Bypass using Picasso
See the sample project for a comprehensive example.
picasso bypass markdown androidbypass-censorship-korea - :page_with_curl: 한국에서 인터넷 검열을 피하는 방법
본 문서는 국내 ISP 유해 사이트 필터링의 취약점을 간략하게 설명해놓은 문서이며, 이 문서의 내용을 악용할 시에는 법적 문제가 발생할 수 있으며, 그로 발생한 사고에 대해서 작성자는 절대 책임지지 않습니다. 한국에서 시대를 역행하는 warning.or.kr을 피하는 방법과 Node.js 기반 코드를 포함하고 있습니다.
bypass nodejs security koreaHumanoid - Node.js package to bypass CloudFlare's anti-bot JavaScript challenges
A Node.js package to bypass WAF anti-bot JS challenges. Humanoid is a Node.js package to solve and bypass CloudFlare (and hopefully in the future - other WAFs' as well) JavaScript anti-bot challenges. While anti-bot pages are solvable via headless browsers, they are pretty heavy and are usually considered over the top for scraping. Humanoid can solve these challenges using the Node.js runtime and present the protected HTML page. The session cookies can also be delegated to other bots to continue scraping causing them to avoid the JS challenges altogether.
bot anti-bot anti-bot-page bypass humanoid bypass-waf scrape scraping web-scraping waf cloudflare protected-pages captchaPRISM-AP - An automated Wireless RogueAP MITM attack framework.
PRISM-AP is an automated Wireless RogueAP MITM attack framework. This script is distributed "as is" and no support will be provided in it's current state (not intended for beginners).
wireless pentesting pentest framework kali security automated mitm mana karma hsts bypass intercept tool tools 802-1xAdflyUrlGrabber - A python script designed to grab the original url from an adfly url without opening it :D
A python script designed to grab the original URL.
adfly bypass shorten-urls python-scriptabuse-ssl-bypass-waf - Bypassing WAF by abusing SSL/TLS Ciphers
Notice: If you are worry about WAF drop the connection, you have better not use -thread option.
bypass-wafs ssl-ciphersuites-check bypass web-application-firewall-bypassingRIPv6 - Random IPv6 - circumvents restrictive IP address-based filter and blocking rules
A precondition for RIPv6 is an existing gateway that carries out the routing of the IPv6 network. The specific address range and this gateway are currently defined in the script itself in the Variables section. This section can also be used to define the time value for the rotation of IP addresses. In a later version these values can also be defined using parameters. IP addresses in the network range are randomly generated by the GenerateAddress() function, which currently generates addresses for a /64 subnet. Support for /48 networks is planned. The original function itself comes from Vladislav V. Prodan, although I have modified and shortened it for my own purposes.
ipv6 ipv6-address randomization vulnerability-scanners penetration-testing bypass evasion bypassing firewall-traversalAndroid-Reports-and-Resources - A big list of Android Hackerone disclosed reports and other resources
A big list of Android Hackerone disclosed reports and other resources.
android hackerone android-repo android-security android-resource bugbounty infosec xss steal-files bypass webview insecure-data-storage intercept-broadcastsIAT_API - Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file
Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file. Design of the block is inspired by Stephen Fewer's block_api and Josh Pitts's 2017 DEFCON talk. iat_api finds the addresses of API functions by parsing the _IMAGE_IMPORT_DESCRIPTOR structure entries inside the import table of the PE file. It first calculates the ROR(13) hash of the (module name + function name) and compares with the hash passed to block. If the hash matches it calls the function with the parameters passed to block.
shellcode exploit bypass malware antivirus
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
