783 Open source projects that are alternatives of or similar to Breach.tw

Incredibly fast crawler designed for OSINT.

Fetch information about a public Google document.

Transbank Web Services SDK. Webpay OneClick, PatPass y Transacción Normal

Information gathering & website reconnaissance | https://phishstats.info/

Explore tweets gathered with Twint with faceted search

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

Darknet OSINT Transform

A curated list of awesome infosec courses and training resources.

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

🌐 LEGO blocks for networking, a Python library to help create and test flexible network topologies across real and simulated physical links.

OnionSearch is a script that scrapes urls on different .onion search engines.

台灣上市上櫃股票爬蟲 Taiwan Stock Exchange Crawler

PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

OSINT

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Network footprint scanner platform. Discover domains and run your custom checks periodically.

Record your test suite's HTTP interactions and replay them during future test runs for fast, deterministic, accurate tests.

Personal CTF Toolkit

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

A list of interesting payloads, tips and tricks for bug bounty hunters.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

A collected list of awesome security talks

Monitoring GitLab for sensitive data shared publicly

Defanged Indicator of Compromise (IOC) Extractor.

SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab

The fastest dork scanner written in Go.

🕵️‍♂️ Investigate Google emails and documents.

基于ILRuntime的热更新能力实现的可以直接使用的框架，友情赠送C# WebService + WebSocketServer服务器端。

Infoga - Email OSINT

An easy, Ruby way to use the Pwned Passwords API.

Python script to hunt phishing kits

🎯 PHP / ASP - Shell Backdoor List 🎯

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

Python library and CLI for accurately querying username and email usage on online platforms

Goca Scanner

rest service + frontend to align sentences , in rust

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

All-in-one tool for managing vulnerability reports from AppSec pipelines

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Advanced Search for Twitter.

The Offensive Manual Web Application Penetration Testing Framework.

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

a recon tool that allows searching on URLs that are exposed via shortener services

Awesome cloud enumerator

An ongoing list of virtual cybersecurity conferences.

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Bringing you the best of the worst files on the Internet.

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

A collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind

Information gathering tool - OSINT