1470 Open source projects that are alternatives of or similar to Information Security Tasks

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

The entire walkthrough of all my resolved TryHackMe rooms

E-mails, subdomains and names Harvester - OSINT

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

Provides various Windows Server Active Directory (AD) security-focused reports.

Advanced and easy to use penetration testing framework 💣🔎

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A collection of electronic hacker magazines carefully curated over the years from multiple sources

This repository contains full code examples from the book Gray Hat C#

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

OSINT

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

fireELF - Fileless Linux Malware Framework

Open source pre-operation C2 server based on python and powershell

my oscp prep collection

OSINT Tool: Generate username lists for companies on LinkedIn

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

A repository for using osquery for incident detection and response

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

SIAC is an enterprise SIEM built on open-source technology.

Automatically Launch Google Hacking Queries Against A Target Domain

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

HostHunter a recon tool for discovering hostnames using OSINT techniques.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

mXtract - Memory Extractor & Analyzer

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

OPCDE Cybersecurity Conference Materials

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

DeepSea Phishing Gear

🔎 Hunt down social media accounts by username across social networks

FAME Automates Malware Evaluation

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Semi-automatic OSINT framework and package manager

Intelligence tool but without API key

Maltego CaseFile entities for information security investigations, malware analysis and incident response

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

mosquito - Automating reconnaissance and brute force attacks

Bramble is a hacking Open source suite.

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Wazuh - Chef cookbooks

An OSINT Metadata analyzing tool that filters through tags and creates reports

GCP CIS 1.1.0 Benchmark InSpec Profile

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

Venom - A Multi-hop Proxy for Penetration Testers