501 Open source projects that are alternatives of or similar to Goscan

Nmap - the Network Mapper. Github mirror of official SVN repository.

Automatically Launch Google Hacking Queries Against A Target Domain

Intelligence tool but without API key

Advanced Web Shell

DNS Rebinding Exploitation Framework

被动式漏洞扫描系统

Quickly analyze and reverse engineer Android packages

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

A curated list of awesome privilege escalation

Web path scanner

Extract endpoints from APK files

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Sifter aims to be a fully loaded Op Centre for Pentesters

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

👻 A LAN dropbox chatbot controllable via Telegram

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Automatic SQL injection and database takeover tool

Exploit Pack -The next generation exploit framework

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

OSINT Tool: Generate username lists for companies on LinkedIn

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Penetration Testing notes, resources and scripts

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Python 3.5+ DNS asynchronous brute force utility

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Open Redirect Payloads

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

My own OSCP guide

Notes for taking the OSCP in 2097. Read in book form on GitBook

👻Impost3r -- A linux password thief

Hacking Toolkit

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Web Content Discovery Tool

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

All MITM attacks in one place.

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

A Powerful Subdomain Takeover Tool

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

Attack Surface Management Platform | Sn1perSecurity LLC

My simple Swiss Army knife for http/https troubleshooting and profiling.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Useful tools and scripts during Penetration Testing engagements

A web front-end for password cracking and analytics

Extract subdomains from SSL certificates in HTTPS sites.

A tool to automate penetration tests

Open source pre-operation C2 server based on python and powershell

The Shadow Attack Framework

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Mass scan IPs for vulnerable services

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

This is a multi-use bash script for Linux systems to audit wireless networks.

Advanced Graphical User Interface for NMap

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Handbook of information collection for penetration testing and src

Dradis Framework: Colllaboration and reporting for IT Security teams