329 Open source projects that are alternatives of or similar to Blowhole

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Provides various Windows Server Active Directory (AD) security-focused reports.

Automated NoSQL database enumeration and web application exploitation tool.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

A simple auditing utility for macOS

Modern alternative to dirbuster/dirb

A Go implementation of dirsearch.

Wordpress Vulnerability Scanner

Crypto Audit Guidelines

Chat Bot Security Checklist

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Extensions, Auditing, Concurrency Checks, JSON properties and Transaction Logs for EntityFramework and EFCore

A common audit framework for java application

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

GCP CIS 1.1.0 Benchmark InSpec Profile

Collector script for retrieving audit logs from the Office 365 API with file or network/graylog output.

Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

The best way to scan for weak ssh passwords on your network

Extract endpoints marked as disallow in robots files to generate wordlists.

findCDN is a tool created to help accurately identify what CDN a domain is using.

Enumerate AD through LDAP with a collection of helpfull scripts being bundled

The missing reverse proxy for ssh scp

Assesses CPU security of embedded devices. #nsacyber

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

🌲 Configuration flaws detector for Hadoop, MongoDB, MySQL, and more!

This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

Enumeration implementation for PHP

🧮 SOCKS5/4/4a 🌾 validating proxy pool and upstream SOCKS5 server for 🤽 LOLXDsoRANDum connections 🎋

Versioning and Auditing with Hibernate Envers.

Audit module for Parse Platform

Implementation of enumeration classes in PHP. The better alternative for enums

A tiny web auditor with strong opinions.

Menu driven wordlist generator in C++

Exam Prep for the Ec-council Certified Ethical Hacker 312-50

Find interesting and potentially hazardous commits in git projects

A Django app that keeps a log of changes made to an object.

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

For auditing what collaborators, hooks, and deploy keys you have added on all your GitHub repositories.

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Continuous Auditing & Configuration

Yet another Django audit log app, hopefully the simplest one.

Multi-Cloud Security Auditing Tool

GKE CIS 1.1.0 Benchmark InSpec Profile

The PHP enumeration type library

Open Source SIEM (Security Information and Event Management system).

Penetration testing and auditing toolkit for Android apps.

Simple, easily customised trigger-based auditing for PostgreSQL (Postgres). See also pgaudit.

Auditing Script based on CIS-BENCHMARK CENTOS 8

Tracker-enabled DbContext offers you to implement full auditing in your database

🔨 📶 WiFi-Jammer/DoS toolset

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

INTERCEPT / Policy as Code Static Analysis Auditing / SAST