1481 Open source projects that are alternatives of or similar to Dalfox

Perform advanced MiTM attacks on websites with ease 💉

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

The swiss army knife for Magento developers, sysadmins and devops. The tool provides a huge set of well tested command line commands which save hours of work time. All commands are extendable by a module API.

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

A Powerful Subdomain Takeover Tool

Mining parameters from dark corners of Web Archives

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

A collection of awesome one-liner scripts especially for bug bounty tips.

RouterOS Security Research Tooling and Proof of Concepts

A list of resources for those interested in getting started in bug bounties

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.

A CLI tool to convert CSV / Excel / HTML / JSON / Jupyter Notebook / LDJSON / LTSV / Markdown / SQLite / SSV / TSV / Google-Sheets to a SQLite database file.

Java DSL for easy testing of REST services

🦄 Simple HTTP and REST client for Unity based on Promises, also supports Callbacks! 🎮

Interact with REST services in an ActiveRecord-like manner

Restangular for Angular 2 and higher versions

C# application with primary purpose of idling Steam cards from multiple accounts simultaneously.

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

Automatic SQL injection with Charles and sqlmap api

Mass scan IPs for vulnerable services

OWASP WEB Directory Scanner

goscan is a simple and efficient IPv4 network scanner that discovers all active devices on local subnet.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Smooth (CLI) Operator 🎶

🔭 Goggles is a cross-platform GUI for your $GOPATH!

Generate APIs from SQL Queries

🔪Browser logic vulnerabilities ☠️

A boilerplate for REST API Development with Node.js, Express, and MongoDB

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Making Favicon.ico based Recon Great again !

Fabulously kill processes. Cross-platform.

LUYA is a scalable web framework and content management system with the goal to please developers, clients and users alike.

Golang binaries compiled on-demand for your system

Automated Red Team Infrastructure deployement using Docker

(Official) The DSpace digital asset management system that powers your Institutional Repository

Web Framework to build REST APIs, Webservices or any HTTP endpoint in C language. Can stream large amount of data, integrate JSON data with Jansson, and create websocket services

Vulnerability Patterns Detector for C# and VB.NET

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

Flask + marshmallow for beautiful APIs

🎨 Beautiful images of your code — from right inside your terminal.

Modern Django: A Guide on How to Deploy Django-based Web Applications in 2017

Capture screenshots of websites from the command-line

Code scanner library for Android, based on ZXing

A Gtk/Qt front-end to tesseract-ocr.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

A Laravel Admin Panel (Laravel Version : 6.0)

REST API boilerplate using NodeJS and KOA2, typescript. Logging and JWT as middlewares. TypeORM with class-validator, SQL CRUD. Docker included. Swagger docs, actions CI and valuable README

RESTHeart - The REST API for MongoDB

The Rick and Morty API

Swagger 2.0 middlware and mocks for Express.js

A springboot starter for retrofit, and supports many functional feature enhancements, greatly simplifying development.（实现了Retrofit与spring-boot框架快速整合，并支持了诸多功能增强，极大简化开发）

📒 NotyKT is a complete 💎Kotlin-stack (Backend + Android) 📱 application built to demonstrate the use of Modern development tools with best practices implementation🦸.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

被动式漏洞扫描系统

🎯 Command Injection Payload List

XssPayload List . Usage:

Solidarity is an environment checker for project dependencies across multiple machines.

🛡 The independent, comprehensive directory of filter and host lists for advertisements, trackers, malware, and annoyances.

❓🖼 Find the anime scene by image using your terminal