965 Open source projects that are alternatives of or similar to Burpsuite Collections

Complete Listing and Usage of Tools used for Ethical Hacking

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

OSINT Tool: Generate username lists for companies on LinkedIn

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

⛔️ offsec batteries included

A .NET Standard library for pentesting web apps against credential stuffing attacks.

A simple keylogger for Windows, Linux and Mac

Fast web fuzzer written in Go

Credential stuffing engine built for security professionals

Minecraft Forge Hybrid server implementing the Spigot/Bukkit API (Cauldron for 1.12)

Code-Audit-Challenges

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Burp Pro as a Docker Container

🚀 A Simple API Gateway for Building Security and Flexible Microservices.

A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.

Subdomain enumeration through various techniques

百度AI开放平台 Java SDK

A curated list of awesome links to resources around Axway's Hyperloop for Titanium. And more.

Fuzzing cryptographic libraries. Magic bug printer go brrrr.

the champagne of beta embedded databases

Overlord - Red Teaming Infrastructure Automation

红队综合渗透框架

fireELF - Fileless Linux Malware Framework

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Automatically Launch Google Hacking Queries Against A Target Domain

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

This repo will contain some basic pentest/RT commands.

JXWAF(锦衣盾)是一款开源web应用防火墙

A game known as Connect4, Score4, 4-in-a-line or 4-in-a-row. Modes: Human Vs Minimax AI, Human Vs Human, Minimax AI Vs Minimax AI. Written in Java.

A repo with information about security of Ethereum Smart Contracts

online port scan scraper

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Turn dynamically linked ELF binaries and libraries into self-contained closures.

A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting

Fast directory scanning and scraping tool

Intelligence tool but without API key

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

🚀 纯 Java 注解，快速开发 Admin 管理后台。不生成任何代码、零前端代码、零 CURD、自动建表、注解式API，支持所有主流数据库，支持自定义页面，支持多数据源，提供二十几类业务组件，十几种展示形式，支持逻辑删除，动态定时任务，前端后端分离等。核心技术：Spring Boot、JPA、Reflect、TypeScript、NG-ZORRO等。 开源不易，记得右上角点个star鼓励作者~

No description or website provided.

Linux Rootkits (4.x Kernel)

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Python based tool for testing whether your API conforms to its Swagger schema

Useful tools and scripts during Penetration Testing engagements

PowerShell SOCKS proxy with reverse proxy capabilities

Dump exposed HTTP .git fast

A framework for Backdoor development!

DNS Sub-domain brute forcer, in Python + gevent

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

DNS Rebinding Exploitation Framework

Web Content Discovery Tool

🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)

Quickly analyze and reverse engineer Android packages

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.