775 Open source projects that are alternatives of or similar to Awsbucketdump

Penetration tests guide based on OWASP including test cases, resources and examples.

Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations

Fully automated offensive security framework for reconnaissance and vulnerability scanning

HostHunter a recon tool for discovering hostnames using OSINT techniques.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Ruby on Rails Phishing Framework

A default credential scanner.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Burp extension to passively scan for applications revealing software version numbers

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Hacking Toolkit

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

USB Rubber Ducky type scripts written for the DigiSpark.

kernel privilege escalation enumeration and exploitation framework

This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.

A tool for testing subdomain takeover possibilities at a mass scale.

A Python-powered exploitation framework and botnet.

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

A Powerful Subdomain Takeover Tool

Scripts I use during pentest engagements.

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

A collection of awesome one-liner scripts especially for bug bounty tips.

Dump exposed HTTP .git fast

A curated list of awesome OSCP resources

DotDotPwn - The Directory Traversal Fuzzer

A web front-end for password cracking and analytics

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

A big list of Android Hackerone disclosed reports and other resources.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Discover Your Attack Surface!

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

An HTTP/HTTPS intercept proxy written in Go.

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

Infection Monkey - An automated pentest tool

Modern tactical exploitation toolkit.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Powerfull XSS Scanning and Parameter analysis tool&gem

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

Gospider - Fast web spider written in Go

Making Favicon.ico based Recon Great again !

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Mining parameters from dark corners of Web Archives

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

In-depth Attack Surface Mapping and Asset Discovery

Automated Penetration Testing Framework

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Directory Services Internals (DSInternals) PowerShell Module and Framework

Hack the World using Termux

Automated Red Team Infrastructure deployement using Docker

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

A portable console aimed at making pentesting with PowerShell a little easier.

websocket-connection-smuggler

Automatically brute force all services running on a target.