2595 Open source projects that are alternatives of or similar to Faraday

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Web path scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Hacking Toolkit

被动式漏洞扫描系统

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

A wrapper for Nmap to quickly run network scans

Misc. Public Reports of Penetration Testing and Security Audits.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A simple tool for interacting with OWASP ZAP from the commandline.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Identify vulnerabilities in running containers, images, hosts and repositories

kube-scan: Octarine k8s cluster risk assessment tool

Vulnerability Dashboard

Cameradar hacks its way into RTSP videosurveillance cameras

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.

🔱 Collection and Roadmap for everyone who wants DevSecOps.

Port scanning and domain utility.

Terraform Automation and Orchestration Tool (Open Source)

Anteater - CI/CD Gate Check Framework

The DevSecOps toolset for REST APIs

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

Curating the best DevSecOps resources and tooling.

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

Errbot is a chatbot, a daemon that connects to your favorite chat service and bring your tools and some fun into the conversation.

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Typing in Tandem. Decentralized, cross-editor, collaborative text-editing!

Web Application Security Scanner Framework

📑 Collaborative document editing using Markdown

Etherpad: A modern really-real-time collaborative document editor.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance

Extraction of iMessage Data via XSS

ClearML Agent - ML-Ops made easy. ML-Ops scheduler & orchestration solution

👯 Realtime text animation for Slack chatops

ONLYOFFICE Document Server is an online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Open Source SIEM (Security Information and Event Management system).

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Chat Bot Security Checklist

Pentest: Subdomains enumeration tool for penetration testers.

汽车/安卓/固件/代码安全测试工具集

A schema and set of tools for using SQL to query cloud infrastructure.