481 Open source projects that are alternatives of or similar to filter-var-sqli

Vulnerability assessment and penetration testing automation and reporting platform for teams.

A cross-platform note-taking & target-tracking app for penetration testers.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

GUI based offensive penetration testing tool (Open Source)

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Pentest: Subdomains enumeration tool for penetration testers.

List of every possible vulnerabilities in computer security.

Quick SQL Scanner, Dorker, Webshell injector PHP

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

A collection of various awesome lists for hackers, pentesters and security researchers

Automated NoSQL database enumeration and web application exploitation tool.

A Tool for Domain Flyovers

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

Web Application Security Scanner Framework

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Obtain GraphQL API Schema even if the introspection is not enabled

Web path scanner

Audit tool to find common vulnerabilities in PHP source code

Work in progress...

Credentials Checking Framework

Extract endpoints marked as disallow in robots files to generate wordlists.

PowerShell payload generator

SQL injection via bruteforced MD5 hash reflection of random strings

A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Microsoft Azure Exploitation Framework

Turn PuTTY into an SSH login bruteforcing tool.

Kali image with kali-linux-full metapackage installed, build every night.

pure python remote adb scanner + nmap scan module

GoPhish Templates that I have retired and/or templates I've recreated.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A dictionary attack tool for PostgreSQL and MSSQL

Command line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…

pentest toolbox

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

The LAZY script will make your life easier, and of course faster.

Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.

Collect email addresses by crawling search engine results.

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Rubyfu, where Ruby goes evil!

Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

In progress rough solutions to bWAPP / bee-box

Cameradar hacks its way into RTSP videosurveillance cameras

Mobile penetration testing android & iOS command cheatsheet

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍