674 Open source projects that are alternatives of or similar to Git Scanner

Useful tools and scripts during Penetration Testing engagements

Subdomain Takeover tool written in Go

Know the dangers of credential reuse attacks.

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

DeepSea Phishing Gear

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Credential stuffing engine built for security professionals

All-in-one tool for managing vulnerability reports from AppSec pipelines

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

An NFC research toolkit application for Android

Our OSCP repo: from popping shells to mental health.

A framework for Backdoor development!

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

A Hashcat wrapper for distributed hashcracking

A command line security audit tool for Amazon Web Services

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Find leaked secrets via github search

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

A tool for auditing security properties of GCP projects.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Steganography brute-force utility to uncover hidden data inside files

Elasticsearch for Offensive Security

network visualization & vulnerability management/reporting

XSHOCK Shellshock Exploit

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

A repository of tools for pentesting of restricted and isolated environments.

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

Powershell script to setup windows port forwarding using native netsh client

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Automatic SQL injection and database takeover tool

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

Kubernetes Common Configuration Scoring System

Open-Source Ransomware As A Service for Linux, MacOS and Windows

WhiteWinterWolf's PHP web shell

mosquito - Automating reconnaissance and brute force attacks

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Penetration Testing Platform

A curated list of awesome OSCP resources

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

Penetration test Achieve Knowledge Unite Rapid Interface

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

Open-Source Security Architecture | 开源安全架构

Study Notes For Web Hacking / Web安全学习笔记

Interactive Network Scanner

A fast web directory/file enumeration tool written in Rust

Find exploit tool

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

🕵️‍♀️ MixAudit provides a mix deps.audit task to scan a project Mix dependencies for known Elixir security vulnerabilities

Docker images for infosec tools

一个用于识别目标网站是否采用Struts2框架开发的工具demo

foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV