1383 Open source projects that are alternatives of or similar to Awesome Csirt

Reverse-Engineered Tools Count-106

Experiments with hidden COM interface and LxBus IPC mechanism in WSL

A collection of hacking / penetration testing resources to make you better!

The OpenSource Disassembler

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Tera DPS Meter

An open-source x64/x32 debugger for windows.

Responsive Command and Control System

IL2CppDumper writed in C++ by xia0

Analyzing Rig Exploit Kit

Ghidra analyzer for UEFI firmware.

Script to automate PUT HTTP method exploitation to get shell

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Windows Kernel Exploitation. Static & dynamic analysis, exploits & vuln research. Mitigations bypass's, genric bug-class's.

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Engine used by jnitrace to intercept JNI API calls.

Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulation.

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

DNS Sub-domain brute forcer, in Python + gevent

Hacking tools

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

some idapython scripts for android debugging.

iPod usb gadget for audio playback

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Red Teaming Tactics and Techniques

An advanced graphical search engine for Exploit-DB

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Free open-source game cheat for Counter-Strike: Global Offensive, written in modern C++. GUI powered by Dear ImGui.

Free open-source training software / cheat for Counter-Strike: Global Offensive, written in C.

Norimaci is a simple and lightweight malware analysis sandbox for macOS

Find web directories without bruteforce

A list of resources in different fields of Computer Science (multiple languages)

⚰️ Ваша конференция в Zoom не состоится

无状态子域名爆破工具

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

A bare-metal x86 instruction set fuzzer a la Sandsifter

Disassembly of Pokémon Crystal

DeAPK is an open-source, online APK decompiler which lets you upload an APK and then decompile it to Smali or Java sources. It is built using Laravel, Vue.js, Bootstrap, FontAwesome, Pusher, Redis, MySQL, apktool, jadx and hosted atop Oracle cloud platform.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Single-file PHP shell

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

WhatPulse reverse engineered

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Exploitation on different architectures (x86, x64, arm, mips, avr)

逆向火绒安全软件驱动——sysdiag

A repo with information about security of Ethereum Smart Contracts

Python3 script to parse txt files containing Mimikatz output

A C# DLL injection library

用cel-go重现了长亭xray的poc检测功能的轮子

Reverse engineering Rosetta 2 in M1 Mac

[LEGACY] CROSS † CHANNEL 中文化 (汉化) 项目，源代码以及网站。（全翻译文本、全平台移植源码已公开！欢迎修改&学习！）CROSS † CHANNEL Chinese Localization Project, source codes and websites. (All translations and scripts are open, welcome on any improvements!)

Phishing catcher using Certstream

Venom - A Multi-hop Proxy for Penetration Testers

Re-implementation of Abe's Exoddus and Abe's Oddysee

The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, hobbyists, and Information Security professionals with conducting firmware security assessments.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Breaks the encryption and obfuscation layers that Dropbox applies to their modified Python interpreter.

Python3编写的CMS漏洞检测框架