1205 Open source projects that are alternatives of or similar to Discover

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

😱 A curated list of amazingly awesome OSINT

asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统

Multithreaded monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools with support for Acunetix

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

Hamburglar -- collect useful information from urls, directories, and files

🔄 A collection of mitmproxy inline scripts

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Audit tool to find common vulnerabilities in PHP source code

Web Application recon automation

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

ConPtyShell - Fully Interactive Reverse Shell for Windows

Awesome Vulnerable Applications

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Web Extension for Firefox/Chrome/MS Edge and CLI tool to save a faithful copy of an entire web page in a single HTML file

Github stargazers information gathering tool

Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Search and browse documents and data; find the people and companies you look for.

All about bug bounty (bypasses, payloads, and etc)

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.

A tool to test security of json web token

A Powershell client for dnscat2, an encrypted DNS command and control tool.

OSINT tools catalog

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A (partial) Python rewriting of PowerSploit's PowerView

Forward shell generation framework

🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Domain name permutation engine written in Go

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

NIST Certified SCAP 1.2 toolkit

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

web scanner - exploitation - information gathering

Penetration Testing Platform

Automatic Enumeration Tool based in Open Source tools

Коллекция материалов по OSINT для нетсталкинга

Sane command-line scan-to-pdf script on Linux with OCR and deskew support

🔓Subdomain enumeration and information gathering tool

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

🐶 A curated list of Web Security materials and resources.

Affordable WiFi hacking platform for testing and learning

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Self contained htaccess shells and attacks

Benchmarking repo for secrets scanning

Hunt down the secrets from the WebArchives for Fun and Profit

Advanced reconnaissance utility

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

A penetration testing tool for finding file upload bugs (NDSS 2020)

A collection of various awesome lists for hackers, pentesters and security researchers

The Shadow Attack Framework

Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)