1067 Open source projects that are alternatives of or similar to Catnip

Set of tools to audit SIP based VoIP Systems

Hacking Toolkit

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Next generation web scanner

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Tool Information Gathering Write By Python.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A tool to test security of json web token

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

C2/post-exploitation framework

network reconnaissance toolkit

Automate Pentest Tool

VOIP Security Audit Framework

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Exploit Pack -The next generation exploit framework

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Pentest environment deployer (kali linux + targets) using vagrant and chef.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

🆕 The Multi-Tool Web Vulnerability Scanner.

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

InQL - A Burp Extension for GraphQL Security Testing

MSDAT: Microsoft SQL Database Attacking Tool

grep rough audit - source code auditing tool

A static analysis security vulnerability scanner for Ruby on Rails applications

MSFvenom Payload Creator (MSFPC)

Open-Source Security Architecture | 开源安全架构

jSQL Injection is a Java application for automatic SQL database injection.

Find exploit tool

Simple Golang HTTPS/TLS Examples

CVE-2016-8610 (SSL Death Alert) PoC

ODAT: Oracle Database Attacking Tool

kube-scan: Octarine k8s cluster risk assessment tool

Linux命令转发记录

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

Scripts to gather system configuration information for offline/remote auditing

pentest framework

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Webshell Manager

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Kali Linux 工具合集中文说明书

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Automated Instagram Unfollower Bot

Gives you one-liners that aids in penetration testing operations, privilege escalation and more