1101 Open source projects that are alternatives of or similar to Gourdscanv2

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Dradis Framework: Colllaboration and reporting for IT Security teams

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

SEC分布式资产扫描系统

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Web path scanner

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Cameradar hacks its way into RTSP videosurveillance cameras

Automatic SQL injection with Charles and sqlmap api

sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

🖖 Fast, modern, easy-to-use network scanner

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Port scanning and domain utility.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Awesome cloud enumerator

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Hawkeye filesystem analysis tool

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Scanner, signatures and the largest collection of Magento malware

swiss army knife for hackers

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Pentest: Subdomains enumeration tool for penetration testers.

RFMap - Radio Frequency Mapper

A high performance offensive security tool for reconnaissance and vulnerability scanning

Command line tool that allows you to explore IoT devices by using Shodan API.

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

Selenium powered Python script to automate searching for vulnerable web apps.

Misc. Public Reports of Penetration Testing and Security Audits.

Web Application Security Scanner Framework

🔐 Docker Container for Penetration Testing & Security

Sifter aims to be a fully loaded Op Centre for Pentesters

Extract subdomains from SSL certificates in HTTPS sites.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Web-based Source Code Vulnerability Scanner

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Idiomatic nmap library for go developers

Hetty is an HTTP toolkit for security research.

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Extract endpoints from APK files

Web Content Discovery Tool

Intelligence tool but without API key

Hacking Toolkit

Pentest Report Generator

Gorsair hacks its way into remote docker containers that expose their APIs

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Python network tool, similar to Netcat with custom features.

A simple tool for interacting with OWASP ZAP from the commandline.

Next generation web scanner