501 Open source projects that are alternatives of or similar to Goscan

Elasticsearch for Offensive Security

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

OSINT

Browse and search through nmap's NSE scripts.

Gorsair hacks its way into remote docker containers that expose their APIs

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Awesome Nmap Grep

A wrapper for Nmap to quickly run network scans

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

🤖 The Modern Port Scanner 🤖

Idiomatic nmap library for go developers

Hack the World using Termux

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

A Nmap XSL implementation with Bootstrap.

hydra

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Ruby on Rails Phishing Framework

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

A swiss army knife for pentesting networks

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

mXtract - Memory Extractor & Analyzer

Nmap - the Network Mapper. Github mirror of official SVN repository.

Advanced Web Shell

被动式漏洞扫描系统

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Web path scanner

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Exploit Pack -The next generation exploit framework

OSINT Tool: Generate username lists for companies on LinkedIn

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Notes for taking the OSCP in 2097. Read in book form on GitBook

Hacking Toolkit

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Web Content Discovery Tool

Easy automated vulnerability scanning, reporting and analysis

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

All MITM attacks in one place.

A Powerful Subdomain Takeover Tool

Directory/File, DNS and VHost busting tool written in Go

Attack Surface Management Platform | Sn1perSecurity LLC

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Reverse proxies cheatsheet

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

NetCat for Windows

Useful tools and scripts during Penetration Testing engagements

A web front-end for password cracking and analytics