534 Open source projects that are alternatives of or similar to Bundler Audit

Wordpress Vulnerability Scanner

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Find cloud assets that no one wants exposed 🔎 ☁️

Collection of PowerShell network security scripts for system administrators.

Open source application to instantly remediate common security issues through the use of AWS Config

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

A ZigBee hacking toolkit by Bishop Fox

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

The full story of the CLR implementation of Meterpreter

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Collecting & Hunting for IOCs with gusto and style

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

A simple tool for interacting with OWASP ZAP from the commandline.

A repository of tools for pentesting of restricted and isolated environments.

ContainerSSH: Launch containers on demand

Open Cloud Security Posture Management Engine

Biu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)

The dum^H^H^Hsimplest encryption tool in the world.

Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.

Advanced vulnerability scanning with Nmap NSE

Username enumeration and password spraying tool aimed at Microsoft O365.

🚀 Fast Port Scanner 🚀

Advanced and easy to use penetration testing framework 💣🔎

proxy poc implementation of STARTTLS stripping attacks

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Android library to reveal or obfuscate strings and assets at runtime

A tool to test security of json web token

Ansible role to apply a security baseline. Systemd edition.

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Some of the best web shells that you might need!

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

A note-taking macOS app for penetration-testers.

YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

This Repository contains the stuff related to windows Active directory environment exploitation

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

安全编排与自动化响应平台

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

nnposter's alternate fingerprint dataset for Nmap script http-default-accounts

一行代码检测XP/调试/多开/模拟器/root

Curated List of Privacy Respecting Services and Software

Exein core for Linux based firmware

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Extract uncompiled, uncompressed SPA code from Webpack source maps.

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

Send encrypted PGP messages with one click

The request.bin of DNS request

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

A binary analysis framework

Reverse shell generator written in Python 3.

Search exposed EBS volumes for secrets

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.