858 Open source projects that are alternatives of or similar to Bbr

This challenge is Inon Shkedy's 31 days API Security Tips.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Collection of Facebook Bug Bounty Writeups

Curated List of Privacy Respecting Services and Software

Plugin for SonarQube that generates badges displaying information about a project's or view's quality.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

EmbedOS - Embedded security testing virtual machine

Hunt down the secrets from the WebArchives for Fun and Profit

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

A collection of various awesome lists for hackers, pentesters and security researchers

A JWT (JSON Web Token) Encoder & Decoder

Vulnerability Database | huntr.dev

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Cross-site scripting labs for web application security enthusiasts

A web crawler (for bug hunting) that gathers more than you can imagine.

Self-hosted application to manage project reporting. Demo:

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

protocol fuzzing toolkit

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Java reporting library for creating dynamic report designs at runtime

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Simplifying Seccomp enforcement in containerized or non-containerized apps

A permutation generation tool written in golang

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Common password pattern generator using strings list

Collection of PowerShell network security scripts for system administrators.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

A tool to test security of json web token

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

Urls de-duplication tool for better recon.

Collection of quality safety articles. Awesome articles.

bash scripting thing !

Community curated list of templates for the nuclei engine to find security vulnerabilities.

A collection of public offensive and defensive security related scripts for InfoSec students.

Extent Reporting Library, Java

Your Google Recon is Now Automated

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

OSSSM (awesome). Open source short-term secure messaging

Set of tools to audit SIP based VoIP Systems

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

The dum^H^H^Hsimplest encryption tool in the world.

Java library for creating Excel reports using Excel templates

Cross Origin Resource Sharing MisConfiguration Scanner

Lightweight macOS Crash Reporter Setup

A PowerShell armoury for penetration testers or other random security guys

The unofficial HackerOne disclosure Timeline

Webshell Manager

Awesome Golang Security resources 🕶🔐

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.

Adversary Simulation Framework

A binary analysis framework

Telling tales on you for leaking secrets!

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.