1277 Open source projects that are alternatives of or similar to Findsploit

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Docker images for infosec tools

Pentest: Subdomains enumeration tool for penetration testers.

Hack the World using Termux

Open source all-in-one CLI tool to semi-automate pentesting.

Automated Red Team Infrastructure deployement using Docker

A wrapper for Nmap to quickly run network scans

Source of lyrics.ovh and API to search for lyrics of a song

👨‍💻 Impress your friends by pretending to be a real hacker

Pentest/BugBounty progress control with scanning modules

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Pentesting suite for Maltego based on data in a Metasploit database

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Turn your VPS into an attack box

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Python AV Evasion Tools

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Framework for rapid development and reusable of security tools

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Yet Another PHP Shell - The most complete PHP reverse shell

parse nmap files

Find files (ff) by name, fast!

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Penetration tests guide based on OWASP including test cases, resources and examples.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

An automated approach to performing recon for bug bounty hunting and penetration testing.

Advisories, proof of concept files and exploits that have been made public by @pedrib.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Tool for catching and logging different types of requests.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Related subdomains finder

RFD Checker - security CLI tool to test Reflected File Download issues

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

Backend logic implementation for Vulnerability Management System

A collection of useful links for Pentesters

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

A Tool for Domain Flyovers

Search Nmap and Metasploit scanning scripts.

Pentest/BugBounty progress control with scanning modules

Misc. Public Reports of Penetration Testing and Security Audits.

OSINT

A fast DOM based XSS vulnerability scanner with simplicity.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

This challenge is Inon Shkedy's 31 days API Security Tips.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Powerfull XSS Scanning and Parameter analysis tool&gem

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

🔺 Red Team Hardware Toolkit 🔺

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

A list of resources for those interested in getting started in bug bounties

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Python/Django based webapps and web user interfaces for search, structure (meta data management like thesaurus, ontologies, annotations and named entities) and data import (ETL like text extraction, OCR and crawling filesystems or websites)