399 Open source projects that are alternatives of or similar to Dufflebag

Application and Service Fingerprinting

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A Central Control Plane for AWS Permissions and Access

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

An OSINT Metadata analyzing tool that filters through tags and creates reports

Exein core for Linux based firmware

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.

The Swiss Army knife for automated Web Application Testing

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

Passive Security Scanner (被动式安全扫描器)

Work in progress firewall for Linux syscalls, written in Rust

It's a simple tool for test vulnerability shellshock

A ZigBee hacking toolkit by Bishop Fox

Tool to predict attacker groups from the techniques and software used

Web Application recon automation

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

The full story of the CLR implementation of Meterpreter

An Unsupervised Graph-based Toolbox for Fraud Detection

EmbedOS - Embedded security testing virtual machine

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

A JWT (JSON Web Token) Encoder & Decoder

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

The dum^H^H^Hsimplest encryption tool in the world.

无状态子域名爆破工具

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Build A GUI For Xray，给Xray造一个GUI控制端。

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

ESLint security plugin for Node.js

Simplifying Seccomp enforcement in containerized or non-containerized apps

SIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.

Automated NoSQL database enumeration and web application exploitation tool.

Custom filters and other resources to use with uBlock Origin and uMatrix.

A collection of public offensive and defensive security related scripts for InfoSec students.

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Hashcat web interface

A default credential scanner.

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

Command line password manager for Unix-like operating systems

🚀 Fast Port Scanner 🚀

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

A PowerShell armoury for penetration testers or other random security guys

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

A Go implementation of dirsearch.

OWASP Threat Dragon with Gitlab Integration

Awesome Golang Security resources 🕶🔐

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Telling tales on you for leaking secrets!

Intelligence and Reconnaissance Package/Bundle installer.

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

Find cloud assets that no one wants exposed 🔎 ☁️

NebulousAD automated credential auditing tool.

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

An application to assist in the organization and prioritization of software security activities.

安全总是无处不在...