995 Open source projects that are alternatives of or similar to Awesome Infosec

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

A Tool for Domain Flyovers

🔐 Docker Container for Penetration Testing & Security

Pentest: Subdomains enumeration tool for penetration testers.

Multi source CVE/exploit parser.

Pentest Report Generator

Vagrant VirtualBox environment for conducting an internal network penetration test

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A tool to automate penetration tests

Turn your VPS into an attack box

Cheat-Sheet of tools for penetration testing

Script to spider a website and find publicly open S3 buckets

Extract subdomains from SSL certificates in HTTPS sites.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Pentest Lab on OpenStack with Heat, Chef provisioning and Docker

Cameradar hacks its way into RTSP videosurveillance cameras

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Related subdomains finder

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

🖖 Fast, modern, easy-to-use network scanner

🔑 Hash type identifier (CLI & lib)

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Kali Live Build Scripts

Get GTFOBins info about a given exploit from the command line

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Hacker101 CTF Writeup

Next generation web scanner

Collection of the cheat sheets useful for pentesting

Find cloud assets that no one wants exposed 🔎 ☁️

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Misc. Public Reports of Penetration Testing and Security Audits.

Multi OTP Spam Amp/Paralell threads

Subdomain enumeration through various techniques

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Quick SQL Scanner, Dorker, Webshell injector PHP

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Information Security Library

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

A wrapper for Nmap to quickly run network scans

Totally Insecure Web Application Project (TIWAP)

Collection of several DDos tools.

🌒 Shell command obfuscation to avoid detection systems

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

A collection of resources I'm using while working toward the OSCP

Argus Advanced Remote & Local Keylogger For macOS and Windows

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Offensive Reverse Shell (Cheat Sheet)

Common Web Managers Fuzz Wordlists

渗透测试☞经验/思路/总结/想法/笔记

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Wireshark Cheat Sheet

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Yet Another PHP Shell - The most complete PHP reverse shell