685 Open source projects that are alternatives of or similar to Burpsuite Asset_discover

A high performance offensive security tool for reconnaissance and vulnerability scanning

Intelligence and Reconnaissance Package/Bundle installer.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

OSINT Tool: Generate username lists for companies on LinkedIn

Semi-automatic OSINT framework and package manager

Automatically Launch Google Hacking Queries Against A Target Domain

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

OSINT

HostHunter a recon tool for discovering hostnames using OSINT techniques.

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

my oscp prep collection

Tool to automate common OSINT tasks

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Sifter aims to be a fully loaded Op Centre for Pentesters

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Do some quick reconnaissance on a domain-based web-application

Port scanning and domain utility.

Selenium powered Python script to automate searching for vulnerable web apps.

Intelligence tool but without API key

swiss army knife for hackers

Simple multi threaded tool to extract domain related data from commoncrawl.org

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Python 3.5+ DNS asynchronous brute force utility

A tool to hunt for publicly accessible DigitalOcean Spaces

An automated e-mail OSINT tool

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

备考 OSCP 的各种干货资料/渗透测试干货资料

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

A unified console to perform the "kill chain" stages of attacks.

Monitor linux processes without root permissions

Hashcat web interface

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Passwords Recovery Tool

Offensive tools as Dockerfiles. Lightweight & Ready to go

fully automated pentesting tool

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Venmo trasaction dataset for data analysis/visualization/anything

WhiteWinterWolf's PHP web shell

For all your network pentesting needs

A script written lazily for generating cross-platform backdoors on the go :)

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Windows one line commands that make life easier, shortcuts and command line fu.

🔐 Docker Container for Penetration Testing & Security

Python network tool, similar to Netcat with custom features.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

Authors

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

RubberDucky like payloads for DigiSpark Attiny85

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

File upload vulnerability scanner and exploitation tool.

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/