834 Open source projects that are alternatives of or similar to Awesome Sec Talks

Multi-threaded Padding Oracle attacks against any service. Written in Rust.

Python library and CLI for the Bug Bounty Recon API

ATT&CK实操

Blind WAF identification tool

Tool to generate smart and powerful wordlists

Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.

This document proposes a way of standardising the structure, language, and grammar used in security policies.

安全、可靠、简单、免费的企业级蜜罐

sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

InfoPath Phishing Repo Resource

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

AWS Serverless Security

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

A memorial site for Hackers and Infosec people who have passed

This repository contains reference material & links for people willing to learn Ethical Hacking

XSS in pastebin.com and reddit.com via unsanitized markdown output

web scanner - exploitation - information gathering

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Source code for Hacker101.com - a free online web and mobile security class.

☎️ Original open source call flooder using Twilio's API.

An open source batch script based WiFi Passview for Windows!

Turn your VPS into an attack box

This is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!

A list of all the Angular Communities around the world

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Related subdomains finder

Complete Listing and Usage of Tools used for Ethical Hacking

Multi source CVE/exploit parser.

DNS rebinding toolkit

Python API wrapper for haveibeenpwned.com (API v3)

Enine boyuna siber güvenlik

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Remote Administration Toolkit (or Trojan) for POSiX (Linux/Unix) system working as a Web Service

Xiaomi Smart Home Device Reverse Engineering and Hacking

Pentest: Subdomains enumeration tool for penetration testers.

200 TOOLS BY 0XID4FF0X FOR TERMUX

LLMNR/NBNS/mDNS Spoofing Detection Toolkit

🐱‍💻 Tiny Tiny Hacks we use in our daily life.

Backend logic implementation for Vulnerability Management System

scan for NTLM directories

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

Message Queue & Broker Injection tool

Side-channel file transfer between independent VMs or processes executed on the same physical host.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Audit your public Google Drive files.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Xerrades de Python Girona

Automated NoSQL database enumeration and web application exploitation tool.

Quine Museum

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.

Active Directory ACL Visualizer and Explorer - who's really Domain Admin?

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.

Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack

Python Tutorial - || Advanced Keylogger || Code Walk-through || Hacking/Info-Sec ||

Really quickly build APKs on handheld device (smartphone or tablet) in Amazon, Android, Chromebook and Windows📲 See https://buildapks.github.io/docsBuildAPKs/setup to start building APKs.

🐐 GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server

Astra is a tool to find URLs and secrets inside a webpage/files