5294 Open source projects that are alternatives of or similar to Deimosc2

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Find cloud assets that no one wants exposed 🔎 ☁️

A Docker-based installer and runtime for Symfony. Install: download and `docker-compose up`.

A flexible control server for osquery fleets

Webshell Manager

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

DEPRECATED: The community driven fork of Iris. The fastest web framework for Golang!

Fast web fuzzer written in Go

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Dorothy is a tool to test security monitoring and detection for Okta environments

secureCodeBox (SCB) - continuous secure delivery out of the box

All-in-one tool for managing vulnerability reports from AppSec pipelines

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Common password pattern generator using strings list

A Blazing fast Security Auditing tool for Kubernetes

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

⚙️ NGINX config generator on steroids 💉

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Monitoring GitHub for sensitive data shared publicly

The practical HTTP client that is fun to use.

Python 3.5+ DNS asynchronous brute force utility

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

An OSINT Metadata analyzing tool that filters through tags and creates reports

Adversary Simulation Framework

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

protocol fuzzing toolkit

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Tool made to automate tasks of pentesting.

The Swiss Army knife for automated Web Application Testing

Cameradar hacks its way into RTSP videosurveillance cameras

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Dashboard to collect, analyze, and respond to reported phishing emails.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

🥧 Savoury implementation of the QUIC transport protocol and HTTP/3

libcurl bindings for Node.js

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

Files to automate the deploy of letsencrypt certificates to Zimbra

Automated NoSQL database enumeration and web application exploitation tool.

Some of the best web shells that you might need!

HTTPS server running on localhost

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

A simple remote tool in C#.

GO Simple Tunnel - a simple tunnel written in golang

Async-friendly QUIC implementation in Rust

Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers

Extract subdomains from SSL certificates in HTTPS sites.

🤖 The Modern Port Scanner 🤖

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Performing security tests inside your CI

Simple Golang HTTPS/TLS Examples

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.