654 Open source projects that are alternatives of or similar to Awesome Social Engineering

🌒 Shell command obfuscation to avoid detection systems

Information gathering & website reconnaissance | https://phishstats.info/

DDTTX Tabletop Trainings

Cross-platform working memory span task

Skeleton is a Social Engineering tool attack switcher

EyeLoop is a Python 3-based eye-tracker tailored specifically to dynamic, closed-loop experiments on consumer-grade hardware.

Contenido de herramientas OSINT con Docker. Tambien nos podes visitar en el canal de youtube (https://www.youtube.com/user/marcospr74/)

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

An integrated tool and a collection of snippets which helps in the various aspects of the terminal.

Writeups for infosec Capture the Flag events by team Galaxians

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

RFD Checker - security CLI tool to test Reflected File Download issues

Search Google and download specific file types

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Damn Vulnerable Web Application (DVWA)

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

This document proposes a way of standardising the structure, language, and grammar used in security policies.

Simple multi threaded tool to extract domain related data from commoncrawl.org

The Devils Eye is an OSINT tool that extracts onion links and descriptions that match with the users query from the Darkweb, without requiring the use for Tor.

OSINT

Astra is a tool to find URLs and secrets inside a webpage/files

Most usable tools for iOS penetration testing

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

Explore tweets gathered with Twint with faceted search

Community modules for FAME

Network footprint scanner platform. Discover domains and run your custom checks periodically.

goverview - Get an overview of the list of URLs

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Hetty is an HTTP toolkit for security research.

An introduction to security for developers.

A default credential scanner.

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

Web Extension for Firefox/Chrome/MS Edge and CLI tool to save a faithful copy of an entire web page in a single HTML file

Citizen Intelligence Agency, open-source intelligence (OSINT) project

In-depth Attack Surface Mapping and Asset Discovery

Security challenges and CTFs created by the Penultimate team.

Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.

Raven is a Web application penetration testing tool.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more

Defanged Indicator of Compromise (IOC) Extractor.

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

🔎 Hunt down social media accounts by username across social networks

GZip HTTP Bombing in Python for everyone

The fastest dork scanner written in Go.

Scan installed EDRs and AVs on Windows

A scanner for taking basic fingerprints

CLI program that collects information from facebook user profiles via Selenium.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

papaja (Preparing APA Journal Articles) is an R package that provides document formats to produce complete APA manuscripts from RMarkdown-files (PDF and Word documents) and helper functions that facilitate reporting statistics, tables, and plots.

Designed to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.

Writeups of CTF challenges

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

bingip2hosts is a Bing.com web scraper that discovers websites by IP address

Ayashige provides a list of suspicious newly updated domains as a JSON feed

A fast GitHub stargazers information gathering tool