1046 Open source projects that are alternatives of or similar to Awesome Security Gists

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Awesome Node.js Security resources

Most usable tools for iOS penetration testing

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

🔐 Docker Container for Penetration Testing & Security

Multiplatform payload dropper

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

🔑 Hash type identifier (CLI & lib)

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A Tool for Domain Flyovers

Extract subdomains from SSL certificates in HTTPS sites.

This challenge is Inon Shkedy's 31 days API Security Tips.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

☠️ The Pathwar Project ☠️

Penetration tests guide based on OWASP including test cases, resources and examples.

Related subdomains finder

Turn your VPS into an attack box

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

🎯 XML External Entity (XXE) Injection Payload List

Selenium powered Python script to automate searching for vulnerable web apps.

A curated list of awesome infosec courses and training resources.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

🖖 Fast, modern, easy-to-use network scanner

Misc. Public Reports of Penetration Testing and Security Audits.

渗透测试☞经验/思路/总结/想法/笔记

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Vulnerability Dashboard

RFD Checker - security CLI tool to test Reflected File Download issues

🌒 Shell command obfuscation to avoid detection systems

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Webshell Manager

Git All the Payloads! A collection of web attack payloads.

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Pentest Report Generator

Multi source CVE/exploit parser.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Pentest: Subdomains enumeration tool for penetration testers.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

OSINT Swiss Army Knife

Hershell is a simple TCP reverse shell written in Go.

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

The GDPR Checklist

Technitium DNS Server

Generate Gmail Emailing Keyloggers to Windows.

Web path scanner

MEGA Android App

windows-kernel-exploits Windows平台提权漏洞集合

Multi-platform transparent client-side encryption of your files in the cloud

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Completely block Google and its services