501 Open source projects that are alternatives of or similar to Goscan

WhiteWinterWolf's PHP web shell

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Windows one line commands that make life easier, shortcuts and command line fu.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

NmapPy - Python implementation of Nmap

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Sifter aims to be a fully loaded Op Centre for Pentesters

Python network worm that spreads on the local network and gives the attacker control of these machines.

A fully automatic wifi deauther coded in Python

An evil RAT (Remote Administration Tool) for macOS / OS X.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Encoder to bypass WAF filters using XOR operations

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Just another script for automatize boolean-based blind SQL injections. (Demo)

Centralize Vulnerability Assessment and Management for DevSecOps Team

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

The ultimate WinRM shell for hacking/pentesting

Vagrant VirtualBox environment for conducting an internal network penetration test

A Cloudflare resolver that works

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Red Teaming Tactics and Techniques

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

🦄🔒 Awesome list of secrets in environment variables 🖥️

A collection of useful scripts for Cobalt Strike

Web Pentesting Fuzz 字典,一个就够了。

Rockyou for web fuzzing

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

MX1014 is a flexible, lightweight and fast port scanner.

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

SSRF (Server Side Request Forgery) testing resources

Command line tool that allows you to explore IoT devices by using Shodan API.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Automatic SQL injection and database takeover tool

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Do some quick reconnaissance on a domain-based web-application

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Exploit Pack -The next generation exploit framework

📡 A python program to create a fake AP and sniff data.

This script will automating scanning list of hosts with nmap

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

List of every possible vulnerabilities in computer security.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

OSINT Tool: Generate username lists for companies on LinkedIn

A simple wrapper for C# tools

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

🔨 A modern multiple reverse shell sessions manager wrote in go

Fast web fuzzer written in Go

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite