995 Open source projects that are alternatives of or similar to Awesome Infosec

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

OSINT Swiss Army Knife

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

A collection of various GitHub gists for hackers, pentesters and security researchers

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A collection of resources I'm using while working toward the OSCP

Webshell Manager

Awesome Node.js Security resources

Offensive tools as Dockerfiles. Lightweight & Ready to go

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

An advanced tool for email reconnaissance

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Sifter aims to be a fully loaded Op Centre for Pentesters

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Penetration Testing notes, resources and scripts

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Gorsair hacks its way into remote docker containers that expose their APIs

Web path scanner

A curated list of awesome OSCP resources

Dradis Framework: Colllaboration and reporting for IT Security teams

Burp Suite extension to passively scan for applications revealing server error messages

Burp extension to passively scan for applications revealing software version numbers

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Penetration tests guide based on OWASP including test cases, resources and examples.

GitBook: OSCP RoadMap

Get GTFOBins info about a given exploit from the command line

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A wrapper for Nmap to quickly run network scans

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Cameradar hacks its way into RTSP videosurveillance cameras

Wireshark Cheat Sheet

Vulnerability assessment and penetration testing automation and reporting platform for teams.

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Quick SQL Scanner, Dorker, Webshell injector PHP

🖖 Fast, modern, easy-to-use network scanner

Information Security Library

Cheat-Sheet of tools for penetration testing

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Common Web Managers Fuzz Wordlists

Collection of several DDos tools.

Multi OTP Spam Amp/Paralell threads

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

A tool to test security of json web token

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Kali Live Build Scripts

渗透测试☞经验/思路/总结/想法/笔记

Offensive Reverse Shell (Cheat Sheet)

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Pentest/BugBounty progress control with scanning modules

Everything needed for doing CTFs

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

List of awesome free video courses for learning Computer Science!

Port scanning and domain utility.