3225 Open source projects that are alternatives of or similar to Hosthunter

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Python library and CLI for the Bug Bounty Recon API

Enumerate information from NTLM authentication enabled web endpoints 🔎

Your Google Recon is Now Automated

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

network reconnaissance toolkit

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

swiss army knife for hackers

Python 3.5+ DNS asynchronous brute force utility

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Official Black Hat Arsenal Security Tools Repository

Rockyou for web fuzzing

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Vagrant VirtualBox environment for conducting an internal network penetration test

Command line tool that allows you to explore IoT devices by using Shodan API.

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

Rubyfu, where Ruby goes evil!

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Automatically Launch Google Hacking Queries Against A Target Domain

Automated network asset, email, and social media profile discovery and cataloguing.

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

In-depth Attack Surface Mapping and Asset Discovery

Awesome cloud enumerator

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

GUI based offensive penetration testing tool (Open Source)

E-mails, subdomains and names Harvester - OSINT

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

a recon tool that allows searching on URLs that are exposed via shortener services

Dark Web OSINT Tool

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

hacker, ready for more of our story ! 🚀

List of Awesome Asset Discovery Resources

Idiomatic nmap library for go developers

Discover Your Attack Surface!

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

An automated approach to performing recon for bug bounty hunting and penetration testing.

An OSINT tool to gather information about the real owner of a phone number

An advanced tool for email reconnaissance

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Yet Another PHP Shell - The most complete PHP reverse shell

A MongoDB importer and API for Project Sonars DNS datasets