1332 Open source projects that are alternatives of or similar to A2sv

It's a simple tool for test vulnerability shellshock

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

(deprecated) Android application vulnerability analysis and Android pentest tool

hacker, ready for more of our story ! 🚀

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

🪓 a multi-threaded, low-bandwidth HTTP DOS tool

my oscp prep collection

Source code for Hacker101.com - a free online web and mobile security class.

web scanner - exploitation - information gathering

CMS Detection and Exploit Kit based on Whatcms.org API

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Apache Solr Injection Research

The Swiss Army knife for automated Web Application Testing

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

An OSINT tool to gather information about the real owner of a phone number

Message Queue & Broker Injection tool

scan for NTLM directories

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

A collection of my quick and dirty scripts for vulnerability POC and detections

多合一网站指纹扫描器，轻松获取网站的 IP / DNS 服务商 / 子域名 / HTTPS 证书 / WHOIS / 开发框架 / WAF 等信息

hack tools

🕵️‍♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

Web Application Security Scanner Framework

Asynchronous Python implementation of SlowLoris DoS attack

A list of web application security

Pillage filesystems for sensitive information with Go.

pentest framework

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Audit tool to find common vulnerabilities in PHP source code

Automated NoSQL database enumeration and web application exploitation tool.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

SSL Scanner written in Crystal

A static binary vulnerability scanner

👨‍💻 A work-in-progress web services mass scanner written in Rust

Adobe Experience Manager Vulnerability Scanner

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Log4j Vulnerability Scanner for Windows

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Information Gathering tool for a Website or IP address

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

swiss army knife for hackers

Vulners Python API wrapper

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.

Next generation web scanner

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.