1565 Open source projects that are alternatives of or similar to AttackSurfaceManagement

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Social media hunter

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Functions that can be used to gain Reverse Shells with PowerShell

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Pentest: Subdomains enumeration tool for penetration testers.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Related subdomains finder

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

Do some quick reconnaissance on a domain-based web-application

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

Collection of several DDos tools.

An advanced tool for email reconnaissance

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

Automated Web Recon Shell Scripts

Python library and CLI for the Bug Bounty Recon API

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

It's a Docker Environment for pentesting which having all the required tool for VAPT.

A MongoDB importer and API for Project Sonars DNS datasets

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

OSINT

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

E-mails, subdomains and names Harvester - OSINT

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

Pentesting Framework is a bundle of penetration testing tools, Includes - security, pentesting, hacking and many more.

Semi-automatic OSINT framework and package manager

Mining parameters from dark corners of Web Archives

Probe_Spider is a Open Source Intelligence Tool made complete out of Python.

🔎 Hunt down social media accounts by username across social networks

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

a recon tool that allows searching on URLs that are exposed via shortener services

WordPress pentest tool

List of Awesome Asset Discovery Resources

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

An OSINT tool to gather information about the real owner of a phone number

The Offensive Manual Web Application Penetration Testing Framework.

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

Framework для сбора данных из открытых источников. В Framework используется большое количество API, их необходимо зарегистрировать самому.​

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

my oscp prep collection

A toolkit for Security Researchers

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

internet monitoring osint telegram bot for windows

Authors

Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock

👀 Some of my favorite OSINT tools.

Intelligence and Reconnaissance Package/Bundle installer.

A tool to hunt for publicly accessible DigitalOcean Spaces