2323 Open source projects that are alternatives of or similar to Dirsearch

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

This Script will produce all of the WPA2 Passwords used by various Router companies aswell as Fritzbox. All of these Passwords will be 16 Numbers in length. So it could get a bit large.

Additional Resources For Securing The Stack Tutorials

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

Mutation Based Fuzzer for IEC61850 Server IED'S

💣 Impulse Denial-of-service ToolKit

expansion of afl-unicorn using c++

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Some good resources for getting started with application security

Http request smuggling vulnerability scanner

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

DotDotPwn - The Directory Traversal Fuzzer

Mass querying whois records

Obtain GraphQL API Schema even if the introspection is not enabled

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

Go library for credentials recovery

A fast DOM based XSS vulnerability scanner with simplicity.

WordPress pentest tool

onex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.

Script to spider a website and find publicly open S3 buckets

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Personal CTF Toolkit

Automatically Launch Google Hacking Queries Against A Target Domain

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

A list of interesting payloads, tips and tricks for bug bounty hunters.

Totally Insecure Web Application Project (TIWAP)

run AFL with pintool

A collected list of awesome security talks

Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.

goverview - Get an overview of the list of URLs

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

A web front-end for password cracking and analytics

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

This repository contains full code examples from the book Gray Hat C#

Astra is a tool to find URLs and secrets inside a webpage/files

JSON RSA to HMAC and None Algorithm Vulnerability POC

a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

This document proposes a way of standardising the structure, language, and grammar used in security policies.

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Audit tool to find common vulnerabilities in PHP source code

Full Nuclei automation script with logic explanation.

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

🔑 Hash type identifier (CLI & lib)

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

coverage guided fuzz testing for javascript

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Go Web Application Penetration Test

Automated script to run all modules for a specified list of domains, netblocks or company name

DNS Rebinding Exploitation Framework

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

The fastest dork scanner written in Go.

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

My personal bug bounty toolkit.

Captive wifi hotspot bypass tool for Linux