We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings. Patator is a multi-threaded tool written in Python, that strives to be more reliable and flexible than his fellow predecessors. The name "Patator" comes from this.
pentest brute-forcepentest-wiki - PENTEST-WIKI is a free online security knowledge library for pentesters / researchers
is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
pentest security hackingFindsploit - Find exploits in local and online databases instantly
Findsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes "copysploit" to copy any exploit-db exploit to the current directory and "compilesploit" to automatically compile and run any C exploit (ie. ./copysploit 1337.c && ./compilesploit 1337.c). This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
exploits metasploit nmap pentest hackers exploitdb find searchSn1per - Automated Pentest Recon Scanner
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com. To obtain a Sn1per Professional license, go to https://xerosecurity.com.
pentest pentesting hacking scanner automated kali-linux recon sn1per dns metasploit vulnerabilities scans sn1per-professional nuke shellshock subnetawesome-infosec - A curated list of awesome infosec courses and training resources.
A curated list of awesome information security resources, inspired by the awesome-* trend on GitHub. Those resources and tools are intended only for cybersecurity professional and educational use in a controlled environment.
infosec pentest courses penetration-testing security-professionals lab awesome securityShellPop - Pop shells like a master.
Shellpop is all about popping shells. With this tool you can generate easy and sophisticated reverse or bind shell commands to help you during penetration tests. Python 2.7 is required.
shell reverse pop-shells hacking pentest bind remoteDr0p1t-Framework - A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
hacking-tool windows-hacking backdoor execution-policy-bypass hacking pentest uac-bypass kill-antivirus kali-linux powershell phishing social-engineering scam avs runas anti-forensics persistence spoofing malware dr0p1tlinux-kernel-exploits - linux-kernel-exploits Linux平台提权漏洞集合
linux-kernel-exploits Linux平台提权漏洞集合
kernel exploit tool collection awesome pentestwindows-kernel-exploits - windows-kernel-exploits Windows平台提权漏洞集合
windows-kernel-exploits Windows平台提权漏洞集合
kernel exploit tool collections pentestCloakify - CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings; Evade DLP/MLS Devices; Defeat Data Whitelisting Controls; Social Engineering of Analysts; Evade AV Detection
CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.
cipher data-exfiltration hacking pentesting exfiltration steganography cryptography dlp av-evasion privacy security security-tools infosec red-team pentest pentest-tool hacking-tool hacking-tools pentest-tools stegoxssor2 - XSS'OR - Hack with JavaScript.
XSS'OR - Hack with JavaScript. It contains three major modules: Encode/Decode, Codz, Probe.
probe pentest-tool xss csrf encoding hacking-tool pentest hackOWASP Juice Shop - Probably the most modern and sophisticated insecure web application
OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws. Each packaged distribution includes some binaries for SQLite bound to the OS and node.js version which npm install was executed on.
owasp vulnerable hacking application-security pentesting vulnapp appsec ctf web-security web-application-security webappsec pentest securityobjection - 📱 objection - runtime mobile exploration
objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. The project's name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida.
mobile pentest framework ios instrumentation frida security android assessmentCloudFlair - 🔎 Find origin servers of websites behind by CloudFlare using Internet-wide scan data from Censys
CloudFlair is a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should. The tool uses Internet-wide scan data from Censys to find exposed IPv4 hosts presenting an SSL certificate associated with the target's domain name.
cloudflare pentest-tool pentestjsql-injection - jSQL Injection is a Java application for automatic SQL database injection.
jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open source and cross-platform (Windows, Linux, Mac OS X).
database kali-linux pentest sql-injectionSocialFish - Ultimate phishing tool. Socialize with the credentials.
ONLY DOWNLOAD IT HERE, DO NOT TRUST IN OTHER PLACES. This is the official and only repository of the SocialFish project.
phishing pentesting undead educational pentestXAttacker - X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
vulnerability-scanner vulnerability-detection vulnerability-exploit vulnerability-assessment security-scanner scanner security-tools website-vulnerability-scanner hacking hacking-tool pentest wp-scanner wordpress prestashop joomla lokomedia drupal auto-exploiter exploit exploitationodat - ODAT: Oracle Database Attacking Tool
ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely. Tested on Oracle Database 10g, 11g and 12c.
oracle-database pentest-tool pentest privilege-escalationpydictor - A powerful and useful hacker dictionary builder for a brute-force attack
A powerful and useful hacker dictionary builder for a brute-force attack
password-generator wordlist-generator social-engineering-attacks password-dictionaries password-wordlist bruteforce-attacks brute-force blasting pentesting pentest hackertools password-cracker hacking-tool hacking wordlist weak-passwords bruteforce bruteforce-password-cracker bruteDumpsterFire - "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.
pentesting hacking hacking-tool pentest-tool automation security security-tools infosec pentest red-team blue-team red-teams blue-teams pentest-tools hacking-tools
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
