811 Open source projects that are alternatives of or similar to Di.we.h

A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.

Your Google Recon is Now Automated

Hawkeye filesystem analysis tool

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

One-click installer for Frida and Burp certs for SSL Pinning bypass

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Powerfull XSS Scanning and Parameter analysis tool&gem

Subdomain Takeover tool written in Go

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

🎯 RFI/LFI Payload List

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

🎯 SQL Injection Payload List

Awesome Vulnerable Applications

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

Micro-framework for rapid development of reusable security tools

Hacking tools

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

The Swiss Army knife for automated Web Application Testing

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

A permutation generation tool written in golang

Python network worm that spreads on the local network and gives the attacker control of these machines.

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Remote Administration Toolkit (or Trojan) for POSiX (Linux/Unix) system working as a Web Service

A rust based cross-platform ECU diagnostics and car hacking application, utilizing the passthru protocol

Set of tools to audit SIP based VoIP Systems

A collection of personal scripts used in hacking excercises.

Vulnerability Database | huntr.dev

Cross Origin Resource Sharing MisConfiguration Scanner

Awesome-Cellular-Hacking

🎯 Server Side Template Injection Payloads

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Damn Vulnerable Web Application Docker container

The unofficial HackerOne disclosure Timeline

An Arduino based music visualizer using the FastLED library and a strip of individually addressable LEDs

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Full Speed Instagram Cracker

Automating XSS using Bash

📡 A python program to create a fake AP and sniff data.

A tool to check a bunch of URLs that contain reflecting params.

Perform automated network reconnaissance scans

DNS-Discovery is a multithreaded subdomain bruteforcer.

Awesome hacking is an awesome collection of hacking tools.

Scanning APK file for URIs, endpoints & secrets.

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

A Colab For Bug Hunting!

Know the dangers of credential reuse attacks.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Linux enumeration tool for pentesting and CTFs with verbosity levels

DDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking information. Email scraper: To get all emails related to a webpage IMDB Rating: Easy way to access the movie database. Both .exe(compressed as zip) and .py versions are available in files.

Let's find someone's account

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Xiaomi Smart Home Device Reverse Engineering and Hacking

🔱 [ Phishing Made Easy ] 🔱 (In Beta)