1345 Open source projects that are alternatives of or similar to Bash_scripting

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

A permutation generation tool written in golang

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Hawkeye filesystem analysis tool

Automatic Service Enumeration Script

Declarative penetration testing orchestration framework

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Python library and CLI for the Bug Bounty Recon API

A tool to fastly get all javascript sources/files

Enumerate information from NTLM authentication enabled web endpoints 🔎

OSINT Project

Pentest: Subdomains enumeration tool for penetration testers.

Related subdomains finder

平常看到好的渗透hacking工具和多领域效率工具的集合

An automated e-mail OSINT tool

Making Favicon.ico based Recon Great again !

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

A list of resources for those interested in getting started in bug bounties

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Semi-automatic OSINT framework and package manager

Hacking tools

Repositório com conteúdo sobre web hacking em português

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.

Collection of quality safety articles. Awesome articles.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.

Intelligence and Reconnaissance Package/Bundle installer.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Web Application recon automation

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

安全编排与自动化响应平台

🎯 XML External Entity (XXE) Injection Payload List

Next generation web scanner

Your Google Recon is Now Automated

A collection of various awesome lists for hackers, pentesters and security researchers

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A collection of awesome one-liner scripts especially for bug bounty tips.

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Web path scanner

Email recon made fast and easy, with a framework to build on

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Automation for internal Windows Penetrationtest / AD-Security

Core to automatize whatsapp - working 11/2018

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

Micro-framework for rapid development of reusable security tools

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

my oscp prep collection

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Modern Web Firewall: stop account takeovers, weak passwords, cloud IPs, DoS attacks, disposable emails