1422 Open source projects that are alternatives of or similar to Flask Unsign

A simple keylogger for Windows, Linux and Mac

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

DNS Sub-domain brute forcer, in Python + gevent

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Some of my CTF solutions

USB Rubber Ducky type scripts written for the DigiSpark.

A collection of awesome security hardening guides, tools and other resources

Penetrum LLC opensource security tool list.

This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

emba - An analyzer for Linux-based firmware of embedded devices.

Instagram password bruteforcer

(Python) Program to simulate multiple sessions on adidas queue pages.

BlackRAT - Java Based Remote Administrator Tool

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Fast browser-based network discovery module

An ncurses-based Tox client (please make pull requests on the development fork: https://github.com/toktok/toxic)

Pentest environment deployer (kali linux + targets) using vagrant and chef.

A Powerful Subdomain Takeover Tool

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.

Kali Linux 工具合集中文说明书

An Unsupervised Graph-based Toolbox for Fraud Detection

DotDotPwn - The Directory Traversal Fuzzer

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

PwnableWeb is a suite of web applications for use in information security training.

Application and Service Fingerprinting

Provide powerful tools for seccomp analysis

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

OWASP WEB Directory Scanner

Work in progress...

Openwrt 18.06.5 featured with the Exein's security framework

Modern tactical exploitation toolkit.

Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

kube-scan: Octarine k8s cluster risk assessment tool

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Responsive Command and Control System

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

A Machine Learning approach for classifying a file as Malicious or Legitimate

a project aim to collect CTF web practices .

Most usable tools for iOS penetration testing

Automatically brute force all services running on a target.

🔒 Anti DDOS | Bash Script Project 🔒

安全总是无处不在...

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

a javascript static security analysis tool

Hack the World using Termux

Rate-limiting middleware for Koa2 ES6. Use to limit repeated requests to APIs and/or endpoints such as password reset.

Documentation:

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

Advanced Web Shell

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

Command-line passphrase generator

Write exploit faster with up-to-date python 3