613 Open source projects that are alternatives of or similar to Attack_monitor

Open source incident management and response platform.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Script to create templates to use with VirtualBox to make vm detection harder

Custom memory allocator that helps discover reads from uninitialized memory

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

Open Repository for the Open Security and Privacy Reference Architecture

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Curated List of Privacy Respecting Services and Software

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

🍿 The perfect Checklist Website for meticulous developers.

mXtract - Memory Extractor & Analyzer

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

红队综合渗透框架

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Android Reverse-Engineering Workbench for VS Code

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Leaked Linux.Mirai Source Code for Research/IoC Development Purposes

OSS Vulnerability Scanner for Windows Platform

Automated Mass Exploiter

Trigram database written in C++, suited for malware indexing

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

Set of tools to audit SIP based VoIP Systems

A curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com

Bringing you the best of the worst files on the Internet.

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Saydog Framework

fireELF - Fileless Linux Malware Framework

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

Find exploit tool

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Application and Service Fingerprinting

Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

A hackable malware sandbox for the 21st Century

Documentation:

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Awesome hacking is an awesome collection of hacking tools.

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Enumerate and disable common sources of telemetry used by AV/EDR.

A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools

Adversary Simulation Framework

Enumeration sub domains(枚举子域名)

🆕 The Multi-Tool Web Vulnerability Scanner.

An OSINT Metadata analyzing tool that filters through tags and creates reports

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.

Search exposed EBS volumes for secrets

Find cloud assets that no one wants exposed 🔎 ☁️

Hashcat web interface