800 Open source projects that are alternatives of or similar to Awesome Web Security

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

Kali Live Build Scripts

Web Application Security Scanner

A collection of resources I'm using while working toward the OSCP

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

VOIP Security Audit Framework

Resources for learning about Text Mining and Natural Language Processing

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

A curated list of awesome C frameworks, libraries, resources and other shiny things. Inspired by all the other awesome-... projects out there.

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

A curated list of awesome CMake resources, scripts, modules and examples.

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Captive wifi hotspot bypass tool for Linux

Awesome crypto trading bots

Get GTFOBins info about a given exploit from the command line

Extended version of the Reorderable List in Unity

Automated script to run all modules for a specified list of domains, netblocks or company name

Curated list of Prolog packages and resources

Scrape domain names from SSL certificates of arbitrary hosts

Mastering Algorithms with C 《算法精解：C语言描述》源码及Xcode工程、Linux工程

AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning

😎 A curated list of packages and resources regarding Steam development

A friendly Toolkit for Beginner CTF players

Awesome list of React VR resources

My last 10 year's material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much more.

The best (weekly) newsletters

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

IPv6 attack toolkit

Search Google and download specific file types

Promise packages, patterns, chat, and tutorials

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

A curated list of awesome links and software libraries that are useful for robots.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

A list of web application security

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

DotDotPwn - The Directory Traversal Fuzzer

General stuff for pentesting - password cracking, phishing, automation, Kali, etc.

Library of generic and type safe containers in pure C language (C99 or C11) for a wide collection of container (comparable to the C++ STL).

:.IP webcam penetration test suit.:

A collection of JavaScript error logging services, resources and shiny things.

Go library for credentials recovery

A tool to automate penetration tests

Obtain GraphQL API Schema even if the introspection is not enabled

A curated collection of links for economists

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

recon-ng modules for Censys

Compiled list of links from "Ask HN: Where can I post my startup to get beta users?"

Some good resources for getting started with application security

B+ Tree - List - File Structures 2 - Memory Mapped File Structures for Go

一款复现wooyun经典漏洞的docker靶机环境

Everything awesome related to npm scripts and using npm as a build tool.

Command line tool that allows you to explore IoT devices by using Shodan API.

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

Web App Pen Tester (Web Interface)

✅ タスク — The minimal task runner for Node.js

Android Apps, Roms and Platforms for Pentesting

Self contained htaccess shells and attacks

A list of embedded scripting languages