2304 Open source projects that are alternatives of or similar to Docker Security Images

List of every possible vulnerabilities in computer security.

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

All-in-one tool for managing vulnerability reports from AppSec pipelines

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Venom - A Multi-hop Proxy for Penetration Testers

A fully automatic wifi deauther coded in Python

A pentesting tool inspired by mr robot and derived by zphisher

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

🛡️ Make your web services secure by default !

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Pentesting suite for Maltego based on data in a Metasploit database

Windows one line commands that make life easier, shortcuts and command line fu.

GUI based offensive penetration testing tool (Open Source)

This challenge is Inon Shkedy's 31 days API Security Tips.

Bringing you the best of the worst files on the Internet.

🔪 Leak git repositories from misconfigured websites

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Overlord - Red Teaming Infrastructure Automation

🎯 XML External Entity (XXE) Injection Payload List

Tool Information Gathering Write By Python.

A fast DOM based XSS vulnerability scanner with simplicity.

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

👻Impost3r -- A linux password thief

Pentest Lab on OpenStack with Heat, Chef provisioning and Docker

network reconnaissance toolkit

Learn and understand Docker technologies, with real DevOps practice!

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

internet monitoring osint telegram bot for windows

Steganography brute-force utility to uncover hidden data inside files

A Golang implant that uses Slack as a command and control server

OSINT Swiss Army Knife

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Port scanning and domain utility.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Intelligence tool but without API key

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

A tool to hunt for publicly accessible DigitalOcean Spaces

Apply\Destory Terraform modules via a simple REST API endpoint.

GitBook: OSCP RoadMap

Automation for internal Windows Penetrationtest / AD-Security

A simple tool for interacting with OWASP ZAP from the commandline.

Quickly analyze and reverse engineer Android packages

A fast web directory/file enumeration tool written in Rust

Penetration tests guide based on OWASP including test cases, resources and examples.

Fast Modular Web Interfaces Bruteforcer

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Monitoring your Slack workspaces for sensitive information

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A collection of public offensive and defensive security related scripts for InfoSec students.