996 Open source projects that are alternatives of or similar to Grecon

Security Tool to Look For Interesting Files in S3 Buckets

Attack surface mapping

Useful tools and scripts during Penetration Testing engagements

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

pentest framework

An Python Script For Generating Payloads that Bypasses All Antivirus so far .

红队作战中比较常遇到的一些重点系统漏洞整理。

Auto Scanning to SSL Vulnerability

Security tool to trace URL's jumps across the rel links to obtain the last URL

BlackRAT - Java Based Remote Administrator Tool

Repo for YouTube series

Apache Solr Injection Research

Docker security analysis & hacking tools

Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.

Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.

The New Hacking Framework

This challenge is Inon Shkedy's 31 days API Security Tips.

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

List of Awesome Asset Discovery Resources

a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

A collection of response templates for invalid bug bounty reports.

Building an Active Directory domain and hacking it

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

An ongoing list of virtual cybersecurity conferences.

tool to extract passwords from TeamViewer memory using Frida

Multi-thread Twitter BruteForcer in Shell Script

Community curated list of templates for the nuclei engine to find security vulnerabilities.

linux动态链接库的注入修改查找工具 A tool for injection, modification and search of linux dynamic link library

A front-end JavaScript toolkit for creating DNS rebinding attacks.

Automatically Launch Google Hacking Queries Against A Target Domain

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Pop shells like a master.

Attack Surface Management Platform | Sn1perSecurity LLC

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Top disclosed reports from HackerOne

Collection of quality safety articles. Awesome articles.

Penetration Testing notes, resources and scripts

A social experiment

for mass exploiting

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

📡 A python program to create a fake AP and sniff data.

☠️ An Arduino-based USB keyboard simulator which injects keystrokes via Bluetooth protocol or predefined payloads in a SD card.

A simple keylogger for Windows, Linux and Mac

The Web Application Hacker's Handbook - Extra Content

HULK DoS tool ported to Go with some additional features.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Intelligence tool but without API key

TakeTV permite descubrir dispositivos de red DLNA/UPnP y ayuda a reproducir archivos multimedia en los televisores inteligentes desde nuestra terminal en Linux.

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

A time lapse app for Sony Alpha camera using the OpenMemories framework

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

DNS Rebinding Exploitation Framework

📓 Some security related notes

arpspoof for macOS - intercept packets on a switched LAN

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Transcribed video lessons of HackerOne to pdf's

bug bounty hunters starter notes