1062 Open source projects that are alternatives of or similar to Hacking With Golang

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Reverse shell generator written in Python 3.

NodeJS Simple Network Scanner

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

A Machine Learning approach for classifying a file as Malicious or Legitimate

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

Web application vulnerability scanner

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

🆕 The Multi-Tool Web Vulnerability Scanner.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

a javascript static security analysis tool

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Web Scan Lazy Tools - Python Package

Bandit is a tool designed to find common security issues in Python code.

A Python Tool For google Hacking

🔎 shodansploit > v1.3.0

Security scanner coordinator

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

A default credential scanner.

InQL - A Burp Extension for GraphQL Security Testing

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Enumeration sub domains(枚举子域名)

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

Open-Source Security Architecture | 开源安全架构

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

Application and Service Fingerprinting

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Source Code Security Audit (源代码安全审计)

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Kubernetes RBAC static Analysis & visualisation tool

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

Official Black Hat Arsenal Security Tools Repository

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

kube-scan: Octarine k8s cluster risk assessment tool

Simple Golang HTTPS/TLS Examples

Socks5 server and client, utilizing epoll only.

Find secrets and passwords in container images and file systems

这是一个 Nginx 极简教程，目的在于帮助新手快速入门 Nginx。

Proxy-Scraper is simple Perl script for scraping proxies from multiple websites.

Write procedural style code that runs asynchronously. It may look synchronous, but it's not!

OWASP Threat Dragon with Gitlab Integration

Automagically create API clients/wrappers in JavaScript

A set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance.

The solution of keyless proxy.

BBC iPlayer programmes / Nitro API to RSS adaptor app

Ruby API client for the Censys internet-wide network-scan search engine