2304 Open source projects that are alternatives of or similar to Docker Security Images

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Penetration Testing notes, resources and scripts

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

SSRF (Server Side Request Forgery) testing resources

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Wireshark Cheat Sheet

Centralize Vulnerability Assessment and Management for DevSecOps Team

A curated list of awesome OSCP resources

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

Vulnerability Dashboard

CVE-2016-8610 (SSL Death Alert) PoC

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Vagrant VirtualBox environment for conducting an internal network penetration test

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Collection of several DDos tools.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A tool for generating reverse shell payloads on the fly.

Offensive Reverse Shell (Cheat Sheet)

Awesome cloud enumerator

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Simple Karma Attack

RFD Checker - security CLI tool to test Reflected File Download issues

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Browse and search through nmap's NSE scripts.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Penetration Testing Platform

Forward shell generation framework

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Subdomain Takeover tool written in Go

Venom - A Multi-hop Proxy for Penetration Testers

All-in-one tool for managing vulnerability reports from AppSec pipelines

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

RubberDucky like payloads for DigiSpark Attiny85

🔪 Leak git repositories from misconfigured websites

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

VirusTotal Wanna Be - Now with 100% more Hipster

This challenge is Inon Shkedy's 31 days API Security Tips.

Bringing you the best of the worst files on the Internet.

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

🛡️ Make your web services secure by default !

Passwords Recovery Tool

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️