814 Open source projects that are alternatives of or similar to Contact.sh

A collection of awesome security hardening guides, tools and other resources

Trace Labs OSINT Linux Distribution based on Kali.

Powerful plugins and add-ons for hackers

A proposed standard that allows websites to define security policies.

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

Burp Suite extension to discover assets from HTTP response.

Common password pattern generator using strings list

A collection of awesome one-liner scripts especially for bug bounty tips.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Powerfull XSS Scanning and Parameter analysis tool&gem

Bringing you the best of the worst files on the Internet.

Reconnaissance tool for GitHub organizations

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Repo replaced by cogsec-collaborative/AMITT

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Framework для сбора данных из открытых источников. В Framework используется большое количество API, их необходимо зарегистрировать самому.​

E-mails, subdomains and names Harvester - OSINT

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

Automated Red Team Infrastructure deployement using Docker

Grawler is a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file.

🔎 Hunt down social media accounts by username across social networks

🎯 Server Side Template Injection Payloads

A curated list of various bug bounty tools

Python library and CLI for accurately querying username and email usage on online platforms

Tutorials and Things to Do while Hunting Vulnerability.

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Wireshark Cheat Sheet

Find exploits in local and online databases instantly

A collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.

⚡️An awesome list of the best Termux hacking tools

Hacking tools

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Username recognition on various websites.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

OSINT Tool: Generate username lists for companies on LinkedIn

Darknet OSINT Transform

A browser extension for OSINT search

Automated network asset, email, and social media profile discovery and cataloguing.

Darknet Osint Graph Explorer

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Hawkeye filesystem analysis tool

Bloodhound for Blue and Purple Teams

Penetration tests guide based on OWASP including test cases, resources and examples.

Dradis Framework: Colllaboration and reporting for IT Security teams

A vulnerable iOS App with Security Challenges for the Security Researcher inside you.

Fast web fuzzer written in Go

Command line tool for testing CRLF injection on a list of domains.

Extract and aggregate threat intelligence.

OSINT Tool to find Breached Credit Cards Information

Find cloud assets that no one wants exposed 🔎 ☁️

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Smart OSINT collection of common IOC types

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

OSINT tools catalog

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

The format of various s3 buckets is convert in one format. for bugbounty and security testing.