1148 Open source projects that are alternatives of or similar to Finalrecon

A unified console to perform the "kill chain" stages of attacks.

Advanced Reconnaissance tool to enumerate attacking surface of the target.

Network Diagnostic Tool

Yet Another PHP Shell - The most complete PHP reverse shell

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

network reconnaissance toolkit

RubberDucky like payloads for DigiSpark Attiny85

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Browse and search through nmap's NSE scripts.

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Privilege Escalation Enumeration Script for Windows

Automation for internal Windows Penetrationtest / AD-Security

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

A tool to hunt for publicly accessible DigitalOcean Spaces

SSRF (Server Side Request Forgery) testing resources

A tool to test security of json web token

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Relational database brute force and post exploitation tool for MySQL and MSSQL

Awesome cloud enumerator

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Attack Surface Management Platform | Sn1perSecurity LLC

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

A web front-end for password cracking and analytics

Important security headers for koa

A self-service password management tool for Active Directory

被动式漏洞扫描系统

一个超级轻量的百度图片爬虫

Free Web Scraping Tool with Java

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Simple but useful Python web scraping tutorial code.

Dark Web OSINT Tool

Find exploit tool

API of DouYin for Humans used to Crawl Popular Videos and Musics

NetDiscovery 是一款基于 Vert.x、RxJava 2 等框架实现的通用爬虫框架/中间件。

A search application to explore, discover and share online files

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Making Favicon.ico based Recon Great again !

Fess is very powerful and easily deployable Enterprise Search Server.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Web Content Discovery Tool

A distributed web crawler framework.（分布式爬虫框架XXL-CRAWLER）

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Reverse proxies cheatsheet

🔨 A modern multiple reverse shell sessions manager wrote in go

基于搜狗微信搜索的微信公众号爬虫接口

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Life is short, *****.

Gospider - Fast web spider written in Go