1787 Open source projects that are alternatives of or similar to Burpa

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

A defense tool - detect web shells in local directories via md5sum

收集网络上公开的漏洞扫描器的白皮书。

A simple PHP application to learn SQL Injection detection and exploitation techniques.

Smart Automation inside your browser for free. Start earning and double your followers

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

🧸 Swift library which provides a high-level API to control a WKWebView

Deliberately vulnerable scripts for Web Security training

Setup your iOS project environment with a Shellscript, Makefile or Rakefile

Nmap and NSE command line wrapper in the style of Metasploit

E2E test framework for tests with complex environment requirements.

A Deliberately Insecure Web Application

Self-hosted email marketing solution

Toolbox containing research notes & PoC code for weaponizing .NET's DLR

Solhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.

arara is a TeX automation tool based on rules and directives. It gives you a way to enhance your TeX experience. This is a mirror repository.

Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.

DevOps Orchestration Platform

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

Scan for and exploit Consul agents

ReactJS for your infrastructure. Create and deploy full-stack apps to any infrastructure using the power of React.

Burp Commander written in Go

cwe_checker finds vulnerable patterns in binary executables

Network Security Vulnerability Scanner

Powershell-based bot framework

Mac setup and configuration via Ansible.

Powerful, Flexible, Open Source dashboards for anything

NixOS deployment tool

80+ DevOps & Data CLI Tools - AWS, GCP, GCF Python Cloud Function, Log Anonymizer, Spark, Hadoop, HBase, Hive, Impala, Linux, Docker, Spark Data Converters & Validators (Avro/Parquet/JSON/CSV/INI/XML/YAML), Travis CI, AWS CloudFormation, Elasticsearch, Solr etc.

A humble, and fast, security-oriented HTTP headers analyzer

The extension of Burp Suite for Conviso Platform aims to serve as an integration between them, making the life of an analyst easier, because he can now send vulnerabilities directly from Burp to the platform.

Python 3.5+ DNS asynchronous brute force utility

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Azure DevOps Utilities

Espressif ESP32 Based Smarthome screen for MQTT

Scan secrets from Continuous Integration Build Logs

Personal CTF Toolkit

A fast TCP port scanner

A cron monitoring tool written in Python & Django

Python API bindings for FireEye Products

Knowledge seeks no man

How to install flow.ci from docker

Pharos - The Kubernetes Distribution

Tool for breaking into web applications.

A task runner / simpler Make alternative written in Go

CapitalOne DevOps Dashboard

This repository contains full code examples from the book Gray Hat C#

Center Windows taskbar icons with a variety of animations and options.

Comic-dl is a command line tool to download manga and comics from various comic and manga sites. Supported sites : readcomiconline.to, mangafox.me, comic naver and many more.

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.

Jenkins X provides automated CI+CD for Kubernetes with Preview Environments on Pull Requests using Cloud Native pipelines from Tekton

⚙️ A Gentle introduction to Kubernetes with more than just the basics. 🌟 Give it a star if you like it.

💡 A hinting engine for the web

A repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.

Terraform + Ansible + Docker Swarm boilerplate = DevOps on 🔥🔥🔥 | Infrastructure as Code

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

Azure DevOps Extension for Azure CLI

Database migration tool written in BASH.

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能