1255 Open source projects that are alternatives of or similar to Dradis Ce

Infosec Wordlists

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

a tool to analyze filesystem images for security

🌒 Shell command obfuscation to avoid detection systems

The Grass Computing Platform

A Security Tool for Enumerating WebSockets

No description or website provided.

Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.

Git folder digger, I'm sure it's worthwhile stuff.

Top 100 Hacking & Security E-Books (Free Download)

DDTTX Tabletop Trainings

Statically-linked ssh server with reverse shell functionality for CTFs and such

ATT&CK实操

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Tactics, Techniques, and Procedures

A list of web application security

This repo will contain some basic pentest/RT commands.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Automatic SQL injection and database takeover tool

For over 20 years, teams of all sizes have used Cerb to manage their email workloads. Whether you're a solo founder replying to a few support messages per day, or a team with hundreds of members replying to thousands of messages per hour, you can serve your audience faster with Cerb's time-tested tools. Development at: https://github.com/jstande…

Subdomain enumeration through various techniques

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

👻 A LAN dropbox chatbot controllable via Telegram

Certified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

PHP Security Check List [ EN ] 🌋 ☣️

A curated list of awesome privilege escalation

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

A curated list of security resources for a Ruby on Rails application

Collection of pentesting scripts

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

Burpsuite-Plugins-Usage

Python-based CLI Password Analyser (Reporting Tool)

locate and attack Lync/Skype for Business

A community collection of security reviews of open source software components.

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation

A private Lumina server for IDA Pro

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

A python tool to check subdomain takeover vulnerability

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

Main operatorfabric program

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Elixir side-project: Collaboratively estimate Jira stories (for remote teams)

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

Links for the OSINT Team

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

一键提取安卓应用中可能存在的敏感信息。

OSINT

API powering the code.gov source code harvester

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

fireELF - Fileless Linux Malware Framework

DNS Rebinding Exploitation Framework

Linux Rootkits (4.x Kernel)