RASSec / Pentester Fully Automatic Scanner
DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc
Stars: ✭ 315
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Pentester Fully Automatic Scanner
Esd
Enumeration sub domains(枚举子域名)
Stars: ✭ 785 (+149.21%)
Mutual labels: security-tools, security-scanner, brute-force, subdomain-scanner
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+824.13%)
Mutual labels: security-tools, security-scanner, brute-force
yandi-scanner
Network Security Vulnerability Scanner
Stars: ✭ 110 (-65.08%)
Mutual labels: brute-force, security-scanner, subdomain-scanner
Bandit
Bandit is a tool designed to find common security issues in Python code.
Stars: ✭ 3,763 (+1094.6%)
Mutual labels: security-tools, security-scanner
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-48.57%)
Mutual labels: security-tools, security-scanner
Awesome Shodan Queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+775.56%)
Mutual labels: security-tools, security-scanner
Pbscan
Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-61.27%)
Mutual labels: security-tools, security-scanner
Vulny Code Static Analysis
Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-34.29%)
Mutual labels: security-tools, security-scanner
Limitrr
Light NodeJS rate limiting and response delaying using Redis - including Express middleware.
Stars: ✭ 203 (-35.56%)
Mutual labels: security-tools, brute-force
Blackhat Arsenal Tools
Official Black Hat Arsenal Security Tools Repository
Stars: ✭ 2,639 (+737.78%)
Mutual labels: security-tools, security-scanner
urlbrute
Directory/Subdomain scanner developed in GoLang.
Stars: ✭ 37 (-88.25%)
Mutual labels: brute-force, subdomain-scanner
Patrowlengines
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-48.57%)
Mutual labels: security-tools, security-scanner
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+479.05%)
Mutual labels: security-tools, security-scanner
Security Scripts
A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
Stars: ✭ 188 (-40.32%)
Mutual labels: security-tools, security-scanner
Gsil
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (+460%)
Mutual labels: security-tools, security-scanner
Cobra
Source Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+789.52%)
Mutual labels: security-tools, security-scanner
Wsltools
Web Scan Lazy Tools - Python Package
Stars: ✭ 288 (-8.57%)
Mutual labels: security-tools, security-scanner
Nosqli
NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-61.9%)
Mutual labels: security-tools, security-scanner
Horn3t
Powerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-61.9%)
Mutual labels: security-tools, subdomain-scanner
Insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-31.43%)
Mutual labels: security-tools, security-scanner
#定向全自动化渗透测试 ###F_A_S_T扫描器
介绍
为了省去繁琐的手工测试和常用漏洞的搜索工作,提升工作的效率,才有了此工具,工具对于前期的收集采用了市面上大量的工具集合,不漏扫的原则,最大化的提升工具可用性,可扩展性等要求,开发次扫描器。
插件介绍
- 邮箱、姓名域反查询记录
- Requests、wydomain、subdomainburter、gxfr
- Wydomain -利用搜索引擎收集域名 加强了改进版
- Subdomain -爆破域名以及三级域名 加强了修改改进版
- Gxfr -利用了bing和谷歌搜索 收集域名 加强了改进版
- BBScan -批量扫描整个段或者定向地址,加强了修改改进版
- webprinter -web指纹识别
Win下所需程序
- Nmap -服务、端口、exp精确扫描
- 批处理 -进行监听和执行命令
- awvs扫描器 -批量扫描web应用 ---后续待开发---
#####生成报告 说明
#####使用方式
- 可以直接执行
python main.py -d cert.org.cn
- 如何检测后需要直接执行扫描应用,可以执行
启动程序.bat
文件,监听扫描结果
#####功能说明
-
前期需要挂VPN收集刺探信息
-
域名自动收集
-
端口自动判断
-
指纹自动识别
-
路径自动破解
-
计划大型扫描
-
批量进行WVS扫描并识别高中危漏洞
-
批量进行NESSUS扫描自动识别高中危漏洞
author : yds
#####thx
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].