27 open-source projects similar to powerscript/katanaframework, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best KatanaFramework alternative.
This project is a curated, version-controlled directory of software and resources designed for cybersecurity professionals and researchers. It functions as a centralized knowledge base that aggregates and organizes external security utilities into a structured taxonomy to facilitate discovery and access for specialized research and testing tasks. The repository distinguishes itself through a community-driven model where external resource locations are verified and maintained by contributors. By leveraging a distributed version control system, the project ensures the historical integrity and c
CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize
secator - the pentester's swiss knife
Viper is a command and control infrastructure manager and post-exploitation framework designed for adversary attack simulation and security assessment. It functions as an orchestrator for penetration testing, combining a system for managing compromised hosts across multiple operating systems with tools for security workflow automation. The platform is distinguished by its use of large language model agents to coordinate red team tasks, automate data processing, and provide intelligent decision support. It includes a network pivot visualizer that uses directional graphs to map relationships an
Source Code Management Attack Toolkit - SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows the user to specify the SCM system and attack module to use, along with specifying valid credentials (username/password or API key) to the respective SCM system. Currently, the SCM…
Faraday is a vulnerability management platform and security tool aggregator designed to centralize security findings from multiple scanners into a single dashboard. It utilizes a relational security database to catalog hosts, services, and security flaws, enabling users to track remediation and analyze organizational risk. The platform distinguishes itself through a plugin-based system that normalizes diverse security tool outputs into a unified data model. It supports deep integration with a wide array of scanners and CLI tools, intercepting shell command output or parsing report files to ag
pentest framework
fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits. It functions as a wrapper that integrates external security binaries into a unified, menu-driven interface, providing a centralized system for command-line parameter mapping and execution. The project distinguishes itself by organizing specialized utilities into domain-specific collections for structured navigation. It automates the transition between different phases of an audit by chaining reconnaissance and exploitation tools through sequential workflow automation. The fram
The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to
Tools for Pentesting
Seeker is a social engineering location tool and browser geolocation capture system. It provides a framework for capturing precise GPS coordinates and device metadata by hosting deceptive webpages that prompt users for location permissions. The project includes an HTML phishing template engine for deploying custom or predefined website clones designed to trick users into granting sensitive permissions. It further utilizes a device fingerprinting tool to collect hardware specifications, operating system details, and screen resolution from visiting clients. The system incorporates network reco
[中文 Readme](https://github.com/u21h2/nacs/blob/main/README.md) | [English Readme](https://github.com/u21h2/nacs/blob/main/README_EN.md)
Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan