971 Open source projects that are alternatives of or similar to Autosqli

An OSINT tool to find contacts in order to report security vulnerabilities.

Intelligence tool but without API key

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Related subdomains finder

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

Selenium powered Python script to automate searching for vulnerable web apps.

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Dark Web OSINT Tool

A curated list of awesome social engineering resources.

OSINT Project

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

The Devils Eye is an OSINT tool that extracts onion links and descriptions that match with the users query from the Darkweb, without requiring the use for Tor.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

No description or website provided.

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

An advanced tool for email reconnaissance

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关，提供快速、安全的应用交付。

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A toolkit for Security Researchers

A tool to hunt for publicly accessible DigitalOcean Spaces

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

A simple way to know if you are on the list of major security breaches like "HIBP", but it is specific for Iran.

Multi source CVE/exploit parser.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

This program provides efficient web scraping services for Tor and non-Tor sites. The program has both a CLI and REST API.

this is a python module that contains functions and classes which are used to test the security of web/network applications. it's coded on pure python and it's very intelligent tool ! It can easily detect: XSS (relected/stored), RCE (Remote Code/Command Execution), SSTI, SSRF, CORS Misconfigurations, File Upload, CSRF, Path Traversal,.... Also, …

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Darknet OSINT Transform

A Tool for Domain Flyovers

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

Port scanning and domain utility.

A Deliberately Insecure Web Application

Links for the OSINT Team

Blind WAF identification tool

OSINT Swiss Army Knife

internet monitoring osint telegram bot for windows

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Maintained collection of OSINT related resources. (All Free & Actionable)

Damn Vulnerable Web Application (DVWA)

List of Awesome Asset Discovery Resources

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

An OSINT Metadata analyzing tool that filters through tags and creates reports

🌰 An onion url inspector for inspecting deep web links.

Yar is a tool for plunderin' organizations, users and/or repositories.

Operational Security utility and automator.

Automatically Launch Google Hacking Queries Against A Target Domain

POOPAK - TOR Hidden Service Crawler

Offensive tools as Dockerfiles. Lightweight & Ready to go

Find leaked emails with your passwords

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

OSINT Tool to find Breached Credit Cards Information

Discover internet-wide misconfigurations while drinking coffee

🐳 Tiny Docker(🤏 10MB) image as 🧅 Tor SOCKS5 proxy 🛡