927 Open source projects that are alternatives of or similar to Cc.py

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Python 3.5+ DNS asynchronous brute force utility

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

my oscp prep collection

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A tool to hunt for publicly accessible DigitalOcean Spaces

A Powerful Subdomain Takeover Tool

OSINT Tool: Generate username lists for companies on LinkedIn

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Dump exposed HTTP .git fast

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Nuubi Tools (Information-ghatering|Scanner|Recon.)

A fast DOM based XSS vulnerability scanner with simplicity.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Tool to automate common OSINT tasks

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

OSINT Tool For Scraping Dark Websites

A tool to automate the boring process of APK recon

Modules for expansion services, import and export in MISP

An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

Decode All Bases - Base Scheme Decoder

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

A backdoor with a multitude of features.

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server

OSINT Framework

Tutorials and Things to Do while Hunting Vulnerability.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A simple SSRF-testing sheriff written in Go

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.

PHP function tracker

Finding potential software vulnerabilities from git commit messages

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.

A Github organization reconnaissance tool.

Awesome Writeups and POCs

Simple shell script for automated domain recognition with some tools

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

AWS Identity and Access Management Visualizer and Anomaly Finder

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

OSINT Tool to find Breached Credit Cards Information

A Virtual environment for Pentesting IoT Devices

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Discover internet-wide misconfigurations while drinking coffee

MISP trainings, threat intel and information sharing training materials with source code

Phishing Tool & Information Collector

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻