1565 Open source projects that are alternatives of or similar to AttackSurfaceManagement

Enine boyuna siber güvenlik

A wrapping script to query the default password list maintained by cirn.net... << Thank them.

A simple, extensible C&C beaconing system.

GoPhish Templates that I have retired and/or templates I've recreated.

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more

Distributed malware processing framework based on Python, Redis and MinIO.

Turn PuTTY into an SSH login bruteforcing tool.

Proof -Of-Concept Brute Force Login on a web-site with a good dictionary of words

A Handy-Dandy Personal Toolkit for Enumeration and a headstart on attacking a machine!

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

goverview - Get an overview of the list of URLs

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

An Extended, Modulair, Host Discovery Framework

Venmo trasaction dataset for data analysis/visualization/anything

Let's track phishing kits to give to research community raw material to study !

Agent scanner for vulners.com

WALKOFF-enabled applications. #nsacyber

You can find hardcoded Api-Key,Secret,Token Etc..

Query compiler for secure multi-party computation.

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Exam Prep for the Ec-council Certified Ethical Hacker 312-50

pure python remote adb scanner + nmap scan module

Http request smuggling vulnerability scanner

Automated Deployment of Lab Environments System (ADLES)

Find leaked emails with your passwords

The bot for the Cyber Discovery Community Discord Server!

Trace Labs OSINT Linux Distribution based on Kali.

Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard

pentest toolbox

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

A list of resources in different fields of Computer Science (multiple languages)

Tool to automate common OSINT tasks

Scan secrets from Continuous Integration Build Logs

Intentionally vulnerable Android application.

Turn your VPS into an attack box

Offensive tools as Dockerfiles. Lightweight & Ready to go

Awesome Node.js Security resources

A static binary vulnerability scanner

Responsive Command and Control System

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

A curated list of awesome resources related to executable packing

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

A python module for working with ATT&CK

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

信息收集 OR 信息搜集

OSINT Threat Intel Interface - CLI for HoneyDB

A 24/7 live video broadcast with automatic content selection and overlays using FFMPEG and Python!

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

OnionSearch is a script that scrapes urls on different .onion search engines.

Pentesting tool for Minecraft

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

Paskto - Passive Web Scanner

Каталог нетсталкерских ресурсов, команд, инструментов, источников контента.

Monitor twitter stream