888 Open source projects that are alternatives of or similar to FSEC-VM

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

All-in-one tool for managing vulnerability reports from AppSec pipelines

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Vulnerability Dashboard

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

A concise, directive, specific, flexible, and free incident response plan template

Dorothy is a tool to test security monitoring and detection for Okta environments

Hourly updated database of exploit and exploitation reports

🔑 Hash type identifier (CLI & lib)

Threat Hunting queries for various attacks

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

A collection of some of my scripts

WebMap-Nmap Web Dashboard and Reporting

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Leaked pentesting manuals given to Conti ransomware crooks

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

A collection of awesome security hardening guides, tools and other resources

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

A toolkit for Security Researchers

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Collection of several DDos tools.

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

🎯 XML External Entity (XXE) Injection Payload List

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

An advanced tool for email reconnaissance

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Framework для сбора данных из открытых источников. В Framework используется большое количество API, их необходимо зарегистрировать самому.​

An ongoing list of virtual cybersecurity conferences.

internet monitoring osint telegram bot for windows

Monitoring GitLab for sensitive data shared publicly

Information Security Library

PatrowlHears - Vulnerability Intelligence Center / Exploits

Awesome Node.js Security resources

A list of resources in different fields of Computer Science (multiple languages)

VirusTotal Wanna Be - Now with 100% more Hipster

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Responsive Command and Control System

OWASP Honeypot, Automated Deception Framework.

Monitoring your Slack workspaces for sensitive information

🔐 Docker Container for Penetration Testing & Security

Extract subdomains from SSL certificates in HTTPS sites.

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

Infosec Wordlists

Find exploits in local and online databases instantly

Pentest: Subdomains enumeration tool for penetration testers.

Malware Sample Sources