563 Open source projects that are alternatives of or similar to Awesome Nmap Grep

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

nnposter's alternate fingerprint dataset for Nmap script http-default-accounts

Automated brute-forcing attack tool.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统

fully automated pentesting tool

Windows one line commands that make life easier, shortcuts and command line fu.

A backdoor with a multitude of features.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

File upload vulnerability scanner and exploitation tool.

🔥 2020年最好用的开源扫码，全方位优化，强烈推荐！！ 支持多种常规zxing无法扫出的码，用就完了！！ 🔥

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

A unified console to perform the "kill chain" stages of attacks.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Docker images for infosec tools

🔐 Docker Container for Penetration Testing & Security

An evil RAT (Remote Administration Tool) for macOS / OS X.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Encoder to bypass WAF filters using XOR operations

The cheat sheet about Java Deserialization vulnerabilities

🚀 Fast Port Scanner 🚀

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Network protocol auditing framework

Relational database brute force and post exploitation tool for MySQL and MSSQL

Evaluate the security of S3 buckets

Centralize Vulnerability Assessment and Management for DevSecOps Team

备考 OSCP 的各种干货资料/渗透测试干货资料

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

web-based OSINT and reconaissance toolkit

The ultimate WinRM shell for hacking/pentesting

Auto IP or Domain Attack Tool ( #1 )

Open source all-in-one CLI tool to semi-automate pentesting.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Export an OBJ file of ARKit 3.5 iPad Pro LIDAR scans

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

A simple dns resolver of dns-record and web-record log server for pentesting

A script written lazily for generating cross-platform backdoors on the go :)

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Pentesting suite for Maltego based on data in a Metasploit database

📓 Reference guide for scanning networks with Nmap.

Code from Blackhat Python book

SIEM Tactics, Techiques, and Procedures

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:

A tool to hunt for publicly accessible DigitalOcean Spaces

SSRF (Server Side Request Forgery) testing resources

A tool to fastly get all javascript sources/files

Intelligence and Reconnaissance Package/Bundle installer.