1028 Open source projects that are alternatives of or similar to Cloudbunny

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Script collection to bypass Network Access Control (NAC, 802.1x)

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Collection of quality safety articles. Awesome articles.

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

Tool for port forwarding & intranet proxy

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Penetration tests guide based on OWASP including test cases, resources and examples.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

pentest framework

TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777

Selenium powered Python script to automate searching for vulnerable web apps.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

OSINT Swiss Army Knife

A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Detect and bypass web application firewalls and protection systems

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Open source all-in-one CLI tool to semi-automate pentesting.

No description or website provided.

🥀 Search Engine Tookit，URL采集、Favicon哈希值查找真实IP、子域名查找

parse nmap files

ICS security resources

A disk cleaning utility for developers.

A simple SSH bruteforce script targeting (not necessarily) Raspbian devices.

Overlord - Red Teaming Infrastructure Automation

Subdomain enumeration through various techniques

Pentest/BugBounty progress control with scanning modules

Command line tool that allows you to explore IoT devices by using Shodan API.

Web Recon & Exploitation Tool.

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

INFINI-GATEWAY(极限网关), a high performance and lightweight gateway written in golang, for elasticsearch and his friends.

Proxy server for adding push to your API

Pentesting framework using Node.js powers, focused in VoIP.

Bypass it, you won't be Banned when playing cheats 2022

Lightweight In-App Web Application Firewall for PHP

Simple method of checking whether or not mouse movement or buttons (<windows 10) are injected

🌑 R package to work with the Shodan API

免杀 defender 360 cobalstrike shellcode

代理IP 采集程序

Nginx-Lua-WAF是一款基于Nginx的使用Lua语言开发的灵活高效的Web应用层防火墙

thelordseye searches and returns detailed information about devices that are directly connected to the internet [IoT] (Smart TV's, Fridges, Webcams, Traffic Lights etc).

Mega nz heroku index, Serves mega.nz to http via heroku web. It Alters downloading speed and stability

No description or website provided.

Different utility scripts for pentesting and hacking.

Yet Another PHP Shell - The most complete PHP reverse shell

☢ Make Your React App Truly Reactive!

Free advanced and modern Windows botnet with a nice and secure PHP panel.

HTTP API Gateway

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Scraps for publicly accessible MongoDB instances and dumps user passwords

WireBug is a toolset for Voice-over-IP penetration testing

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Password-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/

🔓 Web extension for reading articles locked behind paywalls of over 50 german newspapers, e.g. Frankfurter Allgemeine Zeitung, Leipziger Volkszeitung & Hamburger Abendblatt

虚拟host解决方案，轻松实现两套host环境

x-frame-options bypass