371 Open source projects that are alternatives of or similar to Bootsy

🔐 Docker Container for Penetration Testing & Security

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

No description or website provided.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Little Bug Bounty & Hacking Tools⚔️

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

A collection of various GitHub gists for hackers, pentesters and security researchers

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

Awesome cloud enumerator

Exploit Development, Reverse Engineering & Cryptography

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.

OWASP Honeypot, Automated Deception Framework.

Nozzlr is a bruteforce framework, trully modular and script-friendly

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

A python script that finds endpoints in JavaScript files

A collection of all the data i could extract from 1 billion leaked credentials from internet.

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

Dorothy is a tool to test security monitoring and detection for Okta environments

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

安全、快捷、高交互、企业级的蜜罐管理系统，护网；支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports multiple protocol honeypots, honeytokens, baits and other functions.

Multi Tool Subdomain Enumeration

This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.

Repo replaced by cogsec-collaborative/AMITT

Test Blue Team detections without running any attack.

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Windows Hardening settings and configurations

MITRE Shield website

A Solution For Cross-Platform Obfuscated Commands Detection presented on CIS2019 China. 动静态Bash/CMD/PowerShell命令混淆检测框架 - CIS 2019大会

Windows one line commands that make life easier, shortcuts and command line fu.

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

Malware Sample Sources

A PowerShell module to deploy active directory decoy objects.

Detect silent (unwanted) changes to files on your system

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

LLMNR/NBNS/mDNS Spoofing Detection Toolkit

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Multi-threaded Padding Oracle attacks against any service. Written in Rust.

E-mails, subdomains and names Harvester - OSINT

Wireshark Cheat Sheet

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

Gorsair hacks its way into remote docker containers that expose their APIs

sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

Writeups of CTF challenges

Collecting IOCs posted on Twitter

A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Get GTFOBins info about a given exploit from the command line

Security challenges and CTFs created by the Penultimate team.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Web path scanner