871 Open source projects that are alternatives of or similar to Eyes.sh

Linux enumeration tool for pentesting and CTFs with verbosity levels

Quickly analyze and reverse engineer Android packages

Search Google and download specific file types

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

Overlord - Red Teaming Infrastructure Automation

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Selenium powered Python script to automate searching for vulnerable web apps.

fsociety Hacking Tools Pack – A Penetration Testing Framework

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

brute force SSH public-key authentication

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

A fast GitHub stargazers information gathering tool

This repo will contain some basic pentest/RT commands.

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Pentest Report Generator

Totem allows you to retrieve information about ads of a facebook page , we can retrieve the number of people targeted, how much the ad cost and a lot of other information.

A container repository for my public web hacks!

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

The iOS Security Testing Framework

DeepSea Phishing Gear

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

🔑 Hash type identifier (CLI & lib)

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.

Burp extension to passively scan for applications revealing software version numbers

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

Functions that can be used to gain Reverse Shells with PowerShell

Rubyfu, where Ruby goes evil!

In-depth Attack Surface Mapping and Asset Discovery

Mobile penetration testing android & iOS command cheatsheet

PowerShell SOCKS proxy with reverse proxy capabilities

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust

DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.

JSON RSA to HMAC and None Algorithm Vulnerability POC

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Just another script for automatize boolean-based blind SQL injections. (Demo)

ANDRAX The first and unique Penetration Testing platform for Android smartphones

A repo with information about security of Ethereum Smart Contracts

nnposter's alternate fingerprint dataset for Nmap script http-default-accounts

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

A pure-Python ARP Cache Poisoning (a.k.a "ARP Spoofing") tool

🔎 Hunt down social media accounts by username across social networks

Provides various Windows Server Active Directory (AD) security-focused reports.

Semi-automatic OSINT framework and package manager

A curated list of awesome privilege escalation

ICP备案查询，可查询企业或域名的ICP备案信息，自动完成滑动验证，保存结果到Excel表格，适用于2022年新版的工信部备案管理系统网站，告别频繁拖动验证，以及某站*工具要开通VIP才可查看备案信息的坑

Tool to communicate with RPC services and check misconfigurations on NFS shares

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

Totally Insecure Web Application Project (TIWAP)

Track any ip address with IP-Tracker. IP-Tracker is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracker.

Quick utility to craft executables for pentesting and managing reverse shells