Pupy alternatives

Looking for an alternative tool to replace Pupy? During the review of Pupy we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. arpag (automatic exploiting tool)
  2. AutoSploit (automated host exploitation)
  3. BeEF (browser exploitation framework)

These tools are ranked as the best alternatives to Pupy.

Alternatives (by score)

64

arpag

Introduction

Tools like arpag can help with automating penetration tests and security assessments. By testing automatically for a set of exploits, the remaining time can be spend in other areas.

Project details

arpag is written in Python.

Strengths and weaknesses

  • + Very low number of dependencies
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Penetration testing
  • Security awareness
  • Service exploitation

arpag review

80

AutoSploit

Introduction

AutoSploit attempts to automate the exploitation of remote hosts for security assessments. Targets can be collected automatically or manually provided. Automatic sources include Censys, Shodan, and Zoomeye.

Project details

AutoSploit is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 3000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Service exploitation
    • System exploitation

    AutoSploit review

    93

    BeEF

    Introduction

    BeEF is used by penetration testers to assess the security of a system by leveraging the web browser. This makes the tool different to many other tools, as it ignores the security on network or system level. It uses command modules from within the web browser to perform requested attacks against the system.

    Project details

    100

    Infection Monkey

    Introduction

    This tool is useful for security assessments to test for weaknesses within the network. By automating the exploitation phase as much as possible, it will help finding any weak targets within the boundaries of the data center.

    Project details

    Infection Monkey is written in Python.

    Strengths and weaknesses

    • + More than 10 contributors
    • + More than 500 GitHub stars
    • + The source code of this software is available

      Typical usage

      • Service exploitation
      • System exploitation

      Infection Monkey review

      60

      Leviathan Framework

      Introduction

      Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities. The primary reason to use this tool is to do massive scans on many systems at once. For example to include a huge network range, country-wide scan, or even full internet scan.

      Project details

      Leviathan Framework is written in Python.

      Strengths and weaknesses

      • + More than 500 contributors
      • + The source code of this software is available

        Typical usage

        • Penetration testing
        • Security assessment
        • Service exploitation

        Leviathan Framework review

        74

        Metasploit Framework

        Introduction

        Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

        Project details

        Metasploit Framework is written in Ruby.

        Strengths and weaknesses

        • + More than 400 contributors
        • + More than 9000 stars
        • + Many maintainers
        • + The source code of this software is available
        • + Supported by a large company
        • + Well-known tool

          Typical usage

          • Penetration testing
          • Security assessment
          • Vulnerability scanning

          Metasploit Framework review

          72

          RouterSploit

          Introduction

          RouterSploit is a framework to exploit embedded devices such as cameras and routers. It can be used during penetration testing to test the security of a wide variety of devices. RouterSploit comes with several modules to scan and exploit the devices. The tool helps in all steps, like from credential testing to deploying a payload to perform an exploitation attempt.

          Project details

          RouterSploit is written in Python.

          Strengths and weaknesses

          • + More than 50 contributors
          • + More than 6000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Penetration testing
            • Self-assessment
            • Software testing
            • Vulnerability scanning

            RouterSploit review

            60

            Ruler

            Introduction

            The main aim for this tool is abusing the client-side Outlook features and gain a shell remotely.

            Project details

            Ruler is written in Golang.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Penetration testing
              • Security assessment

              Ruler review

              89

              sqlmap

              Introduction

              The sqlmap is a well-known tool with an amazing number of GitHub stars (10,000+). It is used by many security professionals around the world to test the security of both web applications and the database that stores the data.

              Project details

              Some relevant tool missing as an alternative to Pupy? Please contact us with your suggestion.