1870 Open source projects that are alternatives of or similar to Hashview

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Password lists with top passwords to optimize bruteforce attacks

Python-based CLI Password Analyser (Reporting Tool)

🆕 The Multi-Tool Web Vulnerability Scanner.

Vagrant VirtualBox environment for conducting an internal network penetration test

Find web directories without bruteforce

无状态子域名爆破工具

A default credential scanner.

Modular personalized dictionary generator.

Distributed "massively parallel" SQL query engine

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

Penetration Testing notes, resources and scripts

OSSSM (awesome). Open source short-term secure messaging

Generates malicious LNK file payloads for data exfiltration

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

EmbedOS - Embedded security testing virtual machine

🚀 Fast Port Scanner 🚀

Command line tool that allows you to explore IoT devices by using Shodan API.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

A pentesting tool inspired by mr robot and derived by zphisher

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Find cloud assets that no one wants exposed 🔎 ☁️

A REST API security testing framework.

Yet Another PHP Shell - The most complete PHP reverse shell

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time.

A tool to automate penetration tests

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Hashcat WPA/WPA2 server

Useful tools and scripts during Penetration Testing engagements

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Wordlists and passwords handcrafted with ♥

hashtopolis.org

🤖 The Modern Port Scanner 🤖

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

List of every possible vulnerabilities in computer security.

Idiomatic nmap library for go developers

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Official python agent for using the distributed hashcracker Hashtopolis

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Steganography brute-force utility to uncover hidden data inside files

Sifter aims to be a fully loaded Op Centre for Pentesters

Fully automated offensive security framework for reconnaissance and vulnerability scanning

📊 An analytics server that doesn't undermine user's privacy

Python 3.5+ DNS asynchronous brute force utility

Wordlist, rules and masks from Kaonashi project (RootedCON 2019)

Dradis Framework: Colllaboration and reporting for IT Security teams

👻Impost3r -- A linux password thief

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)

😺 Running Hashcat on Google Colab with session backup and restore.

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.