1067 Open source projects that are alternatives of or similar to github-watchman

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Monitoring your Slack workspaces for sensitive information

Monitoring GitLab for sensitive data shared publicly

Dorothy is a tool to test security monitoring and detection for Okta environments

一款适用于红蓝对抗中的仿真钓鱼系统

Functions that can be used to gain Reverse Shells with PowerShell

🦄🔒 Awesome list of secrets in environment variables 🖥️

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

A collection of awesome security hardening guides, tools and other resources

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

Purple Team Exercise Framework

The Collective. A repo for a collection of red-team projects found mostly on Github.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

You didn't think I'd go and leave the blue team out, right?

Provides various Windows Server Active Directory (AD) security-focused reports.

This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

This repo will contain some basic pentest/RT commands.

Offensive Reverse Shell (Cheat Sheet)

Leaked pentesting manuals given to Conti ransomware crooks

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

WebMap-Nmap Web Dashboard and Reporting

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

🎯 XML External Entity (XXE) Injection Payload List

An advanced tool for email reconnaissance

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Vulnerability Dashboard

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Backend logic implementation for Vulnerability Management System

Bringing you the best of the worst files on the Internet.

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Awesome Node.js Security resources

A toolkit for Security Researchers

An ongoing list of virtual cybersecurity conferences.

Wireshark Cheat Sheet

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

VirusTotal Wanna Be - Now with 100% more Hipster