1067 Open source projects that are alternatives of or similar to Catnip

Multi OTP Spam Amp/Paralell threads

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

Misc. Public Reports of Penetration Testing and Security Audits.

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

grep rough audit - source code auditing tool

Find exploit tool

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Web-based Source Code Vulnerability Scanner

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

bingip2hosts is a Bing.com web scraper that discovers websites by IP address

🔨 Manage your website via terminal

👻Impost3r -- A linux password thief

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

network visualization & vulnerability management/reporting

a tool to analyze filesystem images for security

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Attack Surface Management Platform | Sn1perSecurity LLC

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

🎖safely* install packages with npm or yarn by auditing them as part of your install process

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

"Кали-заменитель". Располагает в себе большое количество утилит для взлома.

ODAT: Oracle Database Attacking Tool

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

MSDAT: Microsoft SQL Database Attacking Tool

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Pentest environment deployer (kali linux + targets) using vagrant and chef.

InQL - A Burp Extension for GraphQL Security Testing

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

pentest framework

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Linux命令转发记录

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Kali Linux 工具合集中文说明书

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

MSFvenom Payload Creator (MSFPC)

Open-Source Security Architecture | 开源安全架构

jSQL Injection is a Java application for automatic SQL database injection.

Most usable tools for iOS penetration testing

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Simple Golang HTTPS/TLS Examples

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

CVE-2016-8610 (SSL Death Alert) PoC

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Scripts to gather system configuration information for offline/remote auditing

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.

This powershell script has got to run in remote hacked windows host, even for pivoting

Devil is a tool that is basically made for facebook to Hack target accounts , BruteForce Attack , grab friendlist accounts , yahoo chacker , Facbook Friend information gathering tool , auto likes reactions & much more i hope you enjoy this tool i'm not responsible if you use this tool for any illegal purpose