871 Open source projects that are alternatives of or similar to Eyes.sh

Abusing Impersonation Privileges on Windows 10 and Server 2019

A Powerful Subdomain Takeover Tool

Find web directories without bruteforce

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Automated Cyber Offense

DotDotPwn - The Directory Traversal Fuzzer

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

无状态子域名爆破工具

Infection Monkey - An automated pentest tool

Detect hidden files and text in images

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

Interactive Network Scanner

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

A fast GitHub stargazers information gathering tool

Making Favicon.ico based Recon Great again !

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

My OSCP journey

Directory Services Internals (DSInternals) PowerShell Module and Framework

A set of recipes useful in pentesting and red teaming scenarios

The iOS Security Testing Framework

Single-file PHP shell

🔨 A modern multiple reverse shell sessions manager wrote in go

Information Gathering Instagram.

🆕 The Multi-Tool Web Vulnerability Scanner.

Simple Server Side Request Forgery services enumeration tool.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Fast browser-based network discovery module

Burp extension to passively scan for applications revealing software version numbers

E-mails, subdomains and names Harvester - OSINT

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

BlackRAT - Java Based Remote Administrator Tool

In-depth Attack Surface Mapping and Asset Discovery

An extensible application for penetration testers and software developers to decode/encode data into various formats.

Forward shell generation framework

Infoga - Email OSINT

Automate Pentest Tool

Th3Inspector 🕵️ Best Tool For Information Gathering 🔎

Web Application Security Scanner

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

GitHub Recon — and what you can achieve with it!

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Hack the World using Termux

Find emails of Github users

Convert Instagram user ID to username & vice versa

Information gathering & website reconnaissance | https://phishstats.info/

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Tactics, Techniques, and Procedures

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

A repo with information about security of Ethereum Smart Contracts

Advanced Web Shell

🔎 Hunt down social media accounts by username across social networks

Dump exposed HTTP .git fast

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

An HTTP/HTTPS intercept proxy written in Go.

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Learning Penetration Testing of Android Applications