2414 Open source projects that are alternatives of or similar to Aaia

Next generation web scanner

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Visual query builder for Neo4j graph database

A command-line tool to get valuable information out of AWS CloudTrail

Small tool to convert an IAM Policy in JSON format into a Terraform aws_iam_policy_document

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

mXtract - Memory Extractor & Analyzer

A tool for quickly evaluating IAM permissions in AWS.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

A tool for identifying misconfigured CloudFront domains

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

基于自然语言理解与机器学习的聊天机器人，支持多用户并发及自定义多轮对话

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Exploit Pack -The next generation exploit framework

A vault for securely storing and accessing AWS credentials in development environments

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

无状态子域名爆破工具

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Helm Charts for running Neo4j on Kubernetes

Propagate users from Mozilla's Person API to third party systems.

Amazon Web Services Operator Interface

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

A set of recipes useful in pentesting and red teaming scenarios

The public documentation for the gruntwork-io/module-security repo, which contains packages for setting up best practices for managing secrets, credentials, and servers

IAM Least Privilege Policy Generator

Neo4j Movies Example application with SparkJava backend using the neo4j-java-driver

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

EmbedOS - Embedded security testing virtual machine

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Build REST APIs with Neo4j and Flask, as quickly as possible!

Open source application to instantly remediate common security issues through the use of AWS Config

Set of tools to audit SIP based VoIP Systems

Process credential providers for AWS SDKs and Tools

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Play detective on Reddit: Discover political disinformation campaigns, secret influencers and more

Distribute different AWS IAM credentials to different pods in Kubernetes via secrets.

A tool to test security of json web token

Neo4j Object Graph Mapper for PHP

Hashcat web interface

A library to display an interactive editor for any graph-like data.

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

Complete AWS IAM Reference

A secret manager for AWS

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Find cloud assets that no one wants exposed 🔎 ☁️

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A Virtual environment for Pentesting IoT Devices