800 Open source projects that are alternatives of or similar to Awesome Web Security

An HTTP/HTTPS intercept proxy written in Go.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

A tool to test security of json web token

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

备考 OSCP 的各种干货资料/渗透测试干货资料

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

USB Rubber Ducky type scripts written for the DigiSpark.

😎 Curated list of awesome things regarding WebAssembly (wasm) ecosystem.

🪐 A curated list of awesome Blender addons, tools, tutorials; and 3D resources for everyone.

A web front-end for password cracking and analytics

Hacking Toolkit

Web path scanner

Typefaces for source code beautification

😂 👌 A curated list of delightful Unicode tidbits, packages and resources.

A curated list of awesome groovy libraries, frameworks and resources

A cross-platform note-taking & target-tracking app for penetration testers.

📱 Collaborative List of Open-Source iOS Apps

A curated list of testing resources

A curated list of awesome projects, libraries, tools, etc. related to InfluxDB

Awesome Courses

A curated list of awesome Kubernetes tools and resources.

A curated list of awesome Phalcon libraries and resources

A curated list of dotfiles resources.

Infection Monkey - An automated pentest tool

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Gorsair hacks its way into remote docker containers that expose their APIs

A list of RSS related stuff: tools, services, communities and tutorials, etc.

A curated list of awesome Slack related things

A curated list of resources for teaching kids programming.

A list of command line tools for manipulating structured text data

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Mastering Algorithms with C 《算法精解：C语言描述》源码及Xcode工程、Linux工程

IPv6 attack toolkit

DotDotPwn - The Directory Traversal Fuzzer

A curated collection of links for economists

Everything awesome related to npm scripts and using npm as a build tool.

Resources for inspiration, lists of software, libraries and other stuff related to Motion UI design, animations and transitions.

A collection of android security related resources

A curated list of awesome resources to choose your next color scheme

Super simple virtualized list React component

✅ List of links to the various checkers out there on the web for sites, domains, security etc.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

A curated list of awesome WebAudio packages and resources.

Modern tactical exploitation toolkit.

Awesome & interesting talks about programming

📖 A collection of pure bash alternatives to external processes.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

A curated list of delightful Selenium resources.

📋 A list of styleguides

A list of classless CSS themes/frameworks with screenshots

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Ruby on Rails Phishing Framework

A curated list of awesome Anki add-ons, decks and resources

Hack the World using Termux

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Gathering all info published, both by Apple and by others, about new framework SwiftUI.

Practical Data Science with Ruby based tools.