2080 Open source projects that are alternatives of or similar to Gitlab Watchman

Monitoring your Slack workspaces for sensitive information

Monitoring GitHub for sensitive data shared publicly

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A collection of awesome security hardening guides, tools and other resources

Enumerate information from NTLM authentication enabled web endpoints 🔎

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

You didn't think I'd go and leave the blue team out, right?

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Snoop — инструмент разведки на основе открытых данных (OSINT world)

The Collective. A repo for a collection of red-team projects found mostly on Github.

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

Dorothy is a tool to test security monitoring and detection for Okta environments

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

一款适用于红蓝对抗中的仿真钓鱼系统

Functions that can be used to gain Reverse Shells with PowerShell

An advanced tool for email reconnaissance

DeimosC2 is a Golang command and control framework for post-exploitation.

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

WebMap-Nmap Web Dashboard and Reporting

Bloodhound for Blue and Purple Teams

Hershell is a simple TCP reverse shell written in Go.

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

🔎 Hunt down social media accounts by username across social networks

E-mails, subdomains and names Harvester - OSINT

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Most usable tools for iOS penetration testing

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

记录自己编写、修改的部分工具

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

一款面向泛前端产品研发全生命周期的效率平台。

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Displays CI statuses on a dashboard and triggers fun modules representing the status!

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Bringing you the best of the worst files on the Internet.

Tool to visualize your groups, repositories, members and activities in your Gitlab space

A list to discover work of red team tooling and methodology for penetration testing and security assessment

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Responsive Command and Control System

Badges for your GitHub tool presented at InfoSec Conference

VirusTotal Wanna Be - Now with 100% more Hipster

The goal of this repository is to document the most common techniques to bypass AppLocker.