886 Open source projects that are alternatives of or similar to Dirsearch

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Tools for Bug Hunting

An information gathering tool to collect git commit emails in version control host services

Enumeration sub domains(枚举子域名)

A fast web directory/file enumeration tool written in Rust

Command-line passphrase generator

🎯 Server Side Template Injection Payloads

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

outis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).

exploit

Android library to reveal or obfuscate strings and assets at runtime

A CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.

A command line security audit tool for Amazon Web Services

Instagram password bruteforcer

被动式漏洞扫描系统

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

Hacker tools on Go (Golang)

The full story of the CLR implementation of Meterpreter

Kubernetes Common Configuration Scoring System

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Exploit management framework

(Python) Program to simulate multiple sessions on adidas queue pages.

Daemon to ban hosts that cause multiple authentication errors

How to prepare for OSCP complete guide

Web Content Discovery Tool

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Collection of the most common vulnerabilities found in iOS applications

macOS keychain cracking tool

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

An OSINT Metadata analyzing tool that filters through tags and creates reports

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

Program to reverse Docker images into Dockerfiles

A tool for auditing security properties of GCP projects.

A cross-platform note-taking & target-tracking app for penetration testers.

Qualys sslabs-scan utility in a tiny docker image

Awesome PHP Security Resources 🕶🐘🔐

(Doesn't work anymore)

bug bounty hunters starter notes

Some of the best web shells that you might need!

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Script for automatic scanning & brute-force RDP

Bruteforce protection for Django projects based on Redis. Simple, powerful, extendable.

A powerful admin login page finder in python

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Secure, human-friendly, cross-platform secrets and config.

HOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

kernel privilege escalation enumeration and exploitation framework

Tools to automate and/or expedite response.

Striker is an offensive information and vulnerability scanner.

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

Work in progress firewall for Linux syscalls, written in Rust

BruteForce Tool For both Instagram and Facebook

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能