2163 Open source projects that are alternatives of or similar to Cerberus

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Automated NoSQL database enumeration and web application exploitation tool.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Web Application Security Scanner Framework

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

An HTTP/HTTPS intercept proxy written in Go.

Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关，提供快速、安全的应用交付。

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

List of every possible vulnerabilities in computer security.

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Attack Surface Management Platform | Sn1perSecurity LLC

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Audit tool to find common vulnerabilities in PHP source code

HostHunter a recon tool for discovering hostnames using OSINT techniques.

A tool to test security of json web token

Cameradar hacks its way into RTSP videosurveillance cameras

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

A Python Tool For google Hacking

🔄 A collection of mitmproxy inline scripts

pentest framework

API Support for your favorite torrent trackers

A toolkit to create code-first HTTP reverse proxies on ASP.NET Core

A suite of gRPC debugging tools. Like Fiddler/Charles but for gRPC.

Golang安全资源合集

An extensible proxy for PC/Mobile/APP developer

Martian is a library for building custom HTTP/S proxies

A Powerful HTTP API Gateway in pure golang！Goku API Gateway （中文名：悟空 API 网关）是一个基于 Golang开发的微服务网关，能够实现高性能 HTTP API 转发、服务编排、多租户管理、API 访问权限控制等目的，拥有强大的自定义插件系统可以自行扩展，并且提供友好的图形化配置界面，能够快速帮助企业进行 API 服务治理、提高 API 服务的稳定性和安全性。

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777

⚡ The one-liner node.js http-proxy middleware for connect, express and browser-sync

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

In progress rough solutions to bWAPP / bee-box

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks

Quick SQL Scanner, Dorker, Webshell injector PHP

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

WordPress pentest tool

Collection of several DDos tools.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

Boxer: A fast directory bruteforce tool written in Python with concurrency.

JSON RSA to HMAC and None Algorithm Vulnerability POC

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

Examples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.

cms识别

A Tool for Domain Flyovers

No description or website provided.

Foxss is a simple php based penetration Testing Tool.Currently it will help to find XSS vulnerability in websites.