1565 Open source projects that are alternatives of or similar to AttackSurfaceManagement

Attack Surface Management Platform | Sn1perSecurity LLC

🆕 The Multi-Tool Web Vulnerability Scanner.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A Tool for Domain Flyovers

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Little Bug Bounty & Hacking Tools⚔️

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

Discover Your Attack Surface!

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

PENIOT: Penetration Testing Tool for IoT

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

This script will you help to find the information about the website and to help in penetrating testing

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Social media hunter

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

A MongoDB importer and API for Project Sonars DNS datasets

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

phishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Making Favicon.ico based Recon Great again !

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Do some quick reconnaissance on a domain-based web-application

Backend logic implementation for Vulnerability Management System

Pentest: Subdomains enumeration tool for penetration testers.

JSON RSA to HMAC and None Algorithm Vulnerability POC

OSINT

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Related subdomains finder

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

An advanced tool for email reconnaissance

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Functions that can be used to gain Reverse Shells with PowerShell

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Weaponizing Live CT logs for automated monitoring of assets

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

Automated Web Recon Shell Scripts

recon-ng modules for Censys

Boxer: A fast directory bruteforce tool written in Python with concurrency.

Python library and CLI for the Bug Bounty Recon API

A high performance offensive security tool for reconnaissance and vulnerability scanning

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

A passive subdomain finder

Collection of several DDos tools.

Enumerate information from NTLM authentication enabled web endpoints 🔎

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.