441 Open source projects that are alternatives of or similar to Findwebshell

🔨 Manage your website via terminal

Webshell Manager

Ghidra Analysis Enhancer 🐉

A Virtual environment for Pentesting IoT Devices

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

入侵分析时发现的Webshell后门

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Ansible role to apply a security baseline. Systemd edition.

File Scanning Framework

Advanced and easy to use penetration testing framework 💣🔎

Bash script to audit and fix macOS Catalina (10.15.x) security settings

Intelligence and Reconnaissance Package/Bundle installer.

Patch-level verification for Bundler

zBang is a risk assessment tool that detects potential privileged account threats

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆

Python script to decode common encoded PowerShell scripts

PoC code from DEF CON 25 presentation

Reverse shell generator written in Python 3.

eBPF Utilities, Maps, and more

Endpoint detection & Malware analysis software

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Extract uncompiled, uncompressed SPA code from Webpack source maps.

Cameradar hacks its way into RTSP videosurveillance cameras

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Light NodeJS rate limiting and response delaying using Redis - including Express middleware.

A static analysis tool for security

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

安全编排与自动化响应平台

HackerOne "in scope" domains

ContainerSSH: Launch containers on demand

Source Code Security Audit (源代码安全审计)

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Fuzz your Rust code with Google-developed Honggfuzz !

Open source application to instantly remediate common security issues through the use of AWS Config

A Blazing fast Security Auditing tool for Kubernetes

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

AWS Identity and Access Management Visualizer and Anomaly Finder

memory search and patch tool on debuggable apk without root & ndk

PHP安全SDK及编码规范

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

.NET runtime inspector

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Awesome Java Security Resources 🕶☕🔐

Search exposed EBS volumes for secrets

(WIP) Runtime Application Instruments for iOS. Previously Passionfruit

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Official Black Hat Arsenal Security Tools Repository

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

Linux privilege escalation auditing tool

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A secret manager for AWS

Data leak checker & OSINT Tool