312 Open source projects that are alternatives of or similar to DeadDNS

Information Security Library

Scan secrets from Continuous Integration Build Logs

A collection of some of my scripts

apkizer is a mass downloader for android applications for all available versions.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

This document proposes a way of standardising the structure, language, and grammar used in security policies.

Simple shell script for automated domain recognition with some tools

Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.

Swiftly search FDNS datasets from Rapid7 Open Data

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

An OSINT tool to find contacts in order to report security vulnerabilities.

Fast and customizable vulnerability scanner For JIRA written in Python

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Pentest/BugBounty progress control with scanning modules

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Gosint is a distributed asset information collection and vulnerability scanning platform

Poor (rich?) man's bug bounty pipeline

A tool to automate the boring process of APK recon

Turn your VPS into an attack box

🔺 Red Team Hardware Toolkit 🔺

A tool to fastly get all javascript sources/files

Related subdomains finder

Simple vueJS based command generator which I developed in order to learn vueJS a little bit more.

Collection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf

Mass querying whois records

RAS(RAndom Subdomain) Fuzzer

CVE-2017-9506 - SSRF

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

Intentionally vulnerable Android application.

挖掘国内外漏洞平台必备的自动化捡钱赏金技巧，看了并去做了捡钱如喝水。

Toolset for detecting reflected xss in websites

Default signature for Jaeles Scanner

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Pentest: Subdomains enumeration tool for penetration testers.

Python library and CLI for the Bug Bounty Recon API

Unleash the power of cloud

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.

Repositório com conteúdo sobre web hacking em português

Tool to bypass 40X response codes.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Scanning APK file for URIs, endpoints & secrets.

🎯 Server Side Template Injection Payloads

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.