1148 Open source projects that are alternatives of or similar to Finalrecon

HTTP API for Scrapy spiders

Create private keys and certificates with node.js

Tactics, Techniques, and Procedures

A tool to find redirection chains in multiple URLs

Reverse proxies cheatsheet

Port scanning and domain utility.

Quickly analyze and reverse engineer Android packages

Recursive and multi-threaded broken link checker

基于搜狗微信搜索的微信公众号爬虫接口

模拟登录各类网站，操作 API 完成各种不可描述的事情

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

A python tool to check subdomain takeover vulnerability

A curated list of awesome privilege escalation

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Distributed crawler powered by Headless Chrome

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Extract endpoints from APK files

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

🇰🇷 Realtime integrated information analysis service

Sifter aims to be a fully loaded Op Centre for Pentesters

Advanced Web Shell

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

GeoIP exporter for Prometheus

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Just another script for automatize boolean-based blind SQL injections. (Demo)

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

OSINT Swiss Army Knife

Quick utility to craft executables for pentesting and managing reverse shells

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

A fluent and functional approach to querying HTML

Notes for taking the OSCP in 2097. Read in book form on GitBook

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

Crawl a website and take screenshots

基金投资管理回测引擎

🦄🔒 Awesome list of secrets in environment variables 🖥️

Idiomatic nmap library for go developers

TumblTwo, an Improved Fork of TumblOne, a Tumblr Downloader.

一个轻量级、快速、多线程、多管道、灵活配置的网络爬虫。

network visualization & vulnerability management/reporting

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

📝 quickly crawl the information (e.g. followers, tags etc...) of an instagram profile.

Easy way to brute-force web directory.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Redis-based components for Scrapy.

Automatic SQL injection and database takeover tool

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

A curated list of awesome OSCP resources

Collection of pentesting scripts

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

A collection of awesome web crawler,spider in different languages

Easy files and payloads delivery over DNS

无cookie版微博爬虫，可以连续爬取一个或多个新浪微博用户信息、用户微博及其微博评论转发。

The archivist's web crawler: WARC output, dashboard for all crawls, dynamic ignore patterns

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Network Pivoting Toolkit

🌭💦 91porn爬虫在线API接口（永久有效） 及 在线web预览