927 Open source projects that are alternatives of or similar to Cc.py

Monitor linux processes without root permissions

Hunt down the secrets from the WebArchives for Fun and Profit

⚡️An awesome list of the best Termux hacking tools

An Instagram OSINT tool to collect all the geotagged locations available on an Instagram profile in order to plot them on a map, and dump them in a JSON.

Offensive tools as Dockerfiles. Lightweight & Ready to go

A list of interesting payloads, tips and tricks for bug bounty hunters.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

🎯 XML External Entity (XXE) Injection Payload List

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

This repository contains full code examples from the book Gray Hat C#

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

WhiteWinterWolf's PHP web shell

The fastest dork scanner written in Go.

A set of recipes useful in pentesting and red teaming scenarios

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com

Responsive Command and Control System

A bash script for recon and DOS attacks

For all your network pentesting needs

A REST API security testing framework.

Phishing catcher using Certstream

Subdomain takeover vulnerability checker

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

secretz, minimizing the large attack surface of Travis CI

Awesome Writeups and POCs

An automated target reconnaissance pipeline.

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Weaponizing Live CT logs for automated monitoring of assets

An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills.

OSINT Tool to find Breached Credit Cards Information

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.

operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

PHP Security Check List [ EN ] 🌋 ☣️

Passwords Recovery Tool

An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

Amazon S3 bucket spelunking!

locate and attack Lync/Skype for Business

A Virtual environment for Pentesting IoT Devices

Our OSCP repo: from popping shells to mental health.

File upload vulnerability scanner and exploitation tool.

A swiss army knife for pentesting networks

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

mXtract - Memory Extractor & Analyzer

Notes for taking the OSCP in 2097. Read in book form on GitBook

OWASP D4N155 - Intelligent and dynamic wordlist using OSINT

A browser extension for OSINT search

An Instagram Open Source Intelligence Tool