1152 Open source projects that are alternatives of or similar to Dnsmorph

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Domain name permutation engine for detecting typo squatting, phishing and corporate espionage

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

Phishing catcher using Certstream

recon-ng modules for Censys

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

network reconnaissance toolkit

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

CLI tool for open source and threat intelligence

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Extract subdomains from SSL certificates in HTTPS sites.

🚌 The missing link to connect open-source threat intelligence tools.

Extract and aggregate threat intelligence.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Web path scanner

hydra

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

ioc2rpz is a place where threat intelligence meets DNS.

A dashboard for a real-time overview of threat intelligence from MISP instances

DNS filter-/blocklists | safe. private. clean. browsing!

Defanged Indicator of Compromise (IOC) Extractor.

Tool Information Gathering Write By Python.

A tool to automate penetration tests

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

Attack Surface Management Platform | Sn1perSecurity LLC

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

A MongoDB importer and API for Project Sonars DNS datasets

Ruby on Rails Phishing Framework

Hacking Toolkit

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Utilities for Sysmon

The Correlated CVE Vulnerability And Threat Intelligence Database API

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Fully automated offensive security framework for reconnaissance and vulnerability scanning

A wrapper for Nmap to quickly run network scans

Penetration Testing Platform

Bringing you the best of the worst files on the Internet.

Imports Alienvault OTX pulses to a MISP instance

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

A tool to test security of json web token

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Python module/library for retrieving WHOIS information of domains 💻❤

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

A fast web directory/file enumeration tool written in Rust

unix SSH post-exploitation 1337 tool

🔄 A collection of mitmproxy inline scripts

Pentesting suite for Maltego based on data in a Metasploit database

Subdomain enumeration through various techniques