893 Open source projects that are alternatives of or similar to Gorsh

Open-Source PE Packer

Enumerate and disable common sources of telemetry used by AV/EDR.

Vulnerability Dashboard

Performing security tests inside your CI

A repository of sysmon configuration modules

Idiomatic nmap library for go developers

Generalized proof of concept tool which can be used for drop-in bruteforce protection when needed.

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

🔒 Anti DDOS | Bash Script Project 🔒

a tool to analyze filesystem images for security

DeepSea Phishing Gear

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

Maintained collection of OSINT related resources. (All Free & Actionable)

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

🤖 The Modern Port Scanner 🤖

Find exploit tool

Store data in a simple and secure way

A curated list of awesome social engineering resources.

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A light-weight password manager with a focus on simplicity and security

iOS/macOS/Linux Remote Administration Tool

Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)

🆕 The Multi-Tool Web Vulnerability Scanner.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Web application vulnerability scanner

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Awesome Ruby Security resources

Script collection to bypass Network Access Control (NAC, 802.1x)

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Scripts to gather system configuration information for offline/remote auditing

🔨 A modern multiple reverse shell sessions manager wrote in go

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Scan for open AWS S3 buckets and dump the contents

Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File

📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

这是一个抓取浏览器密码的工具，后续会添加更多功能

syzkaller is an unsupervised coverage-guided kernel fuzzer

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

WinAppDbg Debugger

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

无状态子域名爆破工具

E-mails, subdomains and names Harvester - OSINT

a javascript static security analysis tool

Trigram database written in C++, suited for malware indexing

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

🔎 Hunt down social media accounts by username across social networks

A list of useful payloads and bypass for Web Application Security and Pentest/CTF