610 Open source projects that are alternatives of or similar to graphw00f

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Pentest: Subdomains enumeration tool for penetration testers.

Get GTFOBins info about a given exploit from the command line

Powerful Visual Subdomain Enumeration at the Click of a Mouse

network reconnaissance toolkit

Modern tactical exploitation toolkit.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A fast web directory/file enumeration tool written in Rust

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Automated script to run all modules for a specified list of domains, netblocks or company name

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Tool Information Gathering Write By Python.

Automated Penetration Testing Framework

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Web path scanner

A MongoDB importer and API for Project Sonars DNS datasets

🆕 The Multi-Tool Web Vulnerability Scanner.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Automated NoSQL database enumeration and web application exploitation tool.

Perform automated network reconnaissance scans

A Go implementation of dirsearch.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Everything needed for doing CTFs

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Security Tool to Look For Interesting Files in S3 Buckets

In-depth Attack Surface Mapping and Asset Discovery

A collection of personal scripts used in hacking excercises.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

A cross-platform python based utility for information gathering and penetration testing automation!

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A high performance offensive security tool for reconnaissance and vulnerability scanning

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Deanonymizing Tor or VPN users with website fingerprinting and machine learning.

A Handy-Dandy Personal Toolkit for Enumeration and a headstart on attacking a machine!

🧮 SOCKS5/4/4a 🌾 validating proxy pool and upstream SOCKS5 server for 🤽 LOLXDsoRANDum connections 🎋

An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

A simple program written in bash that contains basic Linux network tools, information gathering tools and scanning tools.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Multi source CVE/exploit parser.

🔍 IRIS: An open-source intelligence framework

Gotanda is browser Web Extension for OSINT.

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Extract endpoints marked as disallow in robots files to generate wordlists.

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

Bash script that automates the enumeration of domains and DNS servers in the active information gathering.

pure python remote adb scanner + nmap scan module

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

The PHP enumeration type library

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.