965 Open source projects that are alternatives of or similar to Burpsuite Collections

Fix for windows gradle long classpath issue. Fixes JavaExec tasks that error out with message "CreateProcess error=206, The filename or extension is too long"

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

An Apache Guacamole extension to use as a template for customizing or branding the login page.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

StateAFL: A Greybox Fuzzer for Stateful Network Servers

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Share of my Huge Collection of Cheatsheet (Coding, Cheat, Pinouts, Command Lists, Etc.)

Complete Listing and Usage of Tools used for Ethical Hacking

Wiki to collect Red Team infrastructure hardening resources

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Extracting URLs of a specific target based on the results of "commoncrawl.org"

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Fuzzing resources for feeding various fuzzers with input. 🔧

A grammar-based custom mutator for AFL++

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

OSINT Tool: Generate username lists for companies on LinkedIn

Minecraft Forge Hybrid server implementing the Spigot/Bukkit API (Cauldron for 1.12)

集漏洞验证和任务运行的一个框架

Cameradar hacks its way into RTSP videosurveillance cameras

Code-Audit-Challenges

Penetration testing and auditing toolkit for Android apps.

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Linux and Windows shellcode enrichment utility

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

An Open Source Java Library for the Rubiks Cube!

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Burp Pro as a Docker Container

🚀 A Simple API Gateway for Building Security and Flexible Microservices.

Generates malicious LNK file payloads for data exfiltration

A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.

retrieve information via O365 with a valid cred

Bifrost C2. Open-source post-exploitation using Discord API

Open-Source Ransomware As A Service for Linux, MacOS and Windows

Find exploitable PHP files by parameter fuzzing and function call tracing

web-based OSINT and reconaissance toolkit

Subdomain enumeration through various techniques

A serial port terminal that's got your back.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

intercepting kali router

Web interface for managing Haproxy, Nginx, Apache and Keepalived servers

百度AI开放平台 Java SDK

An automated e-mail OSINT tool

给flink开发的web系统。支持页面上定义udf，进行sql和jar任务的提交；支持source、sink、job的管理；可以管理openshift上的flink集群

A curated list of awesome links to resources around Axway's Hyperloop for Titanium. And more.

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Fuzzing cryptographic libraries. Magic bug printer go brrrr.

the champagne of beta embedded databases

Dumain Bruteforcer - a fast and flexible domain bruteforcer

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Fuzzware's main repository. Start here to install.

GodOfWar - Malicious Java WAR builder with built-in payloads

🤖 The Modern Port Scanner 🤖

A simple Burp extension for scanning stuffs in CTF

🌒 Shell command obfuscation to avoid detection systems

Improving security and resilience of WebAssembly VMs/runtimes/parsers using fuzzing

Python 3.5+ DNS asynchronous brute force utility