1265 Open source projects that are alternatives of or similar to Goby

Hacking Toolkit

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

🤖 The Modern Port Scanner 🤖

Dark Web OSINT Tool

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Set of tools to audit SIP based VoIP Systems

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

swiss army knife for hackers

Drone pentesting framework console

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

It's a simple tool for test vulnerability shellshock

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

安全编排与自动化响应平台

Cameradar hacks its way into RTSP videosurveillance cameras

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

Next generation web scanner

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

A Python Tool For google Hacking

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Web application vulnerability scanner

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

HostHunter a recon tool for discovering hostnames using OSINT techniques.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

The Swiss Army knife for automated Web Application Testing

Awesome hacking is an awesome collection of hacking tools.

Micro-framework for rapid development of reusable security tools

Automated NoSQL database enumeration and web application exploitation tool.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

Advanced and easy to use penetration testing framework 💣🔎

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Official Black Hat Arsenal Security Tools Repository

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A Linux packet crafting tool.

HULK DoS tool ported to Go with some additional features.

Security scanner coordinator

The Web Application Hacker's Handbook - Extra Content

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Penetration Testing notes, resources and scripts

Extract and aggregate threat intelligence.

E2E test framework for tests with complex environment requirements.

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p