1771 Open source projects that are alternatives of or similar to Gitgraber

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Dashboard to collect, analyze, and respond to reported phishing emails.

HackerOne "in scope" domains

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Intelligence and Reconnaissance Package/Bundle installer.

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Python library and CLI for the Bug Bounty Recon API

Hardening Ubuntu. Systemd edition.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

The OSINT Omnibus (beta release)

Enumerate information from NTLM authentication enabled web endpoints 🔎

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Related subdomains finder

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

Community restock monitor template

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

🔎 Find usernames across social networks

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

Gosint is a distributed asset information collection and vulnerability scanning platform

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

Do some quick reconnaissance on a domain-based web-application

Awesome cloud enumerator

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

secureCodeBox (SCB) - continuous secure delivery out of the box

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

NebulousAD automated credential auditing tool.

👻Impost3r -- A linux password thief

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Secure, Unified, Powerful and Extensible Rust Android Analyzer

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

a tool to analyze filesystem images for security

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

🔎 shodansploit > v1.3.0

Golang security checker

Extract and aggregate threat intelligence.

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

mXtract - Memory Extractor & Analyzer

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

OneForAll是一款功能强大的子域收集工具

Making Favicon.ico based Recon Great again !

E-mails, subdomains and names Harvester - OSINT

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

🔎 Hunt down social media accounts by username across social networks

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Dark Web OSINT Tool

a recon tool that allows searching on URLs that are exposed via shortener services

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Mining parameters from dark corners of Web Archives

Snoop — инструмент разведки на основе открытых данных (OSINT world)