1097 Open source projects that are alternatives of or similar to Docker Onion Nmap

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Gorsair hacks its way into remote docker containers that expose their APIs

Gorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

A tool to hunt for publicly accessible DigitalOcean Spaces

Nuubi Tools (Information-ghatering|Scanner|Recon.)

An automated target reconnaissance pipeline.

Python network tool, similar to Netcat with custom features.

MX1014 is a flexible, lightweight and fast port scanner.

Pentest: Subdomains enumeration tool for penetration testers.

Offensive Security recon tool

Python 3.5+ DNS asynchronous brute force utility

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Automatic Service Enumeration Script

Open source all-in-one CLI tool to semi-automate pentesting.

🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Advanced Reconnaissance tool to enumerate attacking surface of the target.

Python Security Scripts

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

ssh public host key scanner using shodan

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Command line tool that allows you to explore IoT devices by using Shodan API.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

This repository created for personal use and added tools from my latest blog post.

💻 Netcat client and server modules written in pure Javascript for Node.js.

Infosec Wordlists

ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network

HTTP file upload scanner for Burp Proxy

📻 LocalRadio is "Radio for Cord-Cutters" – a Software-Defined Radio (SDR) app for your Mac and mobile devices. With an inexpensive RTL-SDR USB device, LocalRadio provides a casual, home-based radio listening experience for your favorite local frequencies - FM broadcasts/free music/news/sports/weather/public safety & aviation scanner/etc.

Tor Browser automation with Selenium.

Web-based Source Code Vulnerability Scanner

Web Application Security Scanner Framework

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

A list of web application security

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

Awesome cloud enumerator

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

A fast DOM based XSS vulnerability scanner with simplicity.

Scan your code, extract translation keys/values, and merge them into i18n resource files.

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Vulners Python API wrapper

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

locate and attack Lync/Skype for Business

(deprecated) Android application vulnerability analysis and Android pentest tool

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Selenium powered Python script to automate searching for vulnerable web apps.

👻 A LAN dropbox chatbot controllable via Telegram

Hetty is an HTTP toolkit for security research.

This is a setup for a Tor based shared web hosting server

CheckIPTools 扫描谷歌IP以及实用IP转换小工具

Web Pentesting Fuzz 字典,一个就够了。

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

A simple interpreter for a large subset of Pascal language written for educational purposes

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite