1724 Open source projects that are alternatives of or similar to Awesome Bbht

Little Bug Bounty & Hacking Tools⚔️

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

One-click installer for Frida and Burp certs for SSL Pinning bypass

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Sifter aims to be a fully loaded Op Centre for Pentesters

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

my oscp prep collection

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Web Application recon automation

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

A collection of various awesome lists for hackers, pentesters and security researchers

Awesome hacking is an awesome collection of hacking tools.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Web application vulnerability scanner

A Python Tool For google Hacking

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

network reconnaissance toolkit

🔺 Red Team Hardware Toolkit 🔺

Attack Surface Management Platform | Sn1perSecurity LLC

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

apkizer is a mass downloader for android applications for all available versions.

A cross-platform note-taking & target-tracking app for penetration testers.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

A permutation generation tool written in golang

Hacking Toolkit

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

A collection of awesome one-liner scripts especially for bug bounty tips.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

bash scripting thing !

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

🆕 The Multi-Tool Web Vulnerability Scanner.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

Semi-automatic OSINT framework and package manager

Advanced and easy to use penetration testing framework 💣🔎

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A high performance offensive security tool for reconnaissance and vulnerability scanning

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Repositório com conteúdo sobre web hacking em português

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Micro-framework for rapid development of reusable security tools

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Change monitoring app that checks the content of web pages in different periods.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.