512 Open source projects that are alternatives of or similar to Insectsawake

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Generates malicious LNK file payloads for data exfiltration

The Leading Security Assessment Framework for Android.

Awesome Nmap Grep

A simple wrapper for C# tools

Cameradar hacks its way into RTSP videosurveillance cameras

retrieve information via O365 with a valid cred

python3批量poc检测工具

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

A Binary Ninja plugin for vulnerability research.

Hawkeye filesystem analysis tool

A backdoor with a multitude of features.

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

AWS Identity and Access Management Visualizer and Anomaly Finder

A tool to fastly get all javascript sources/files

Rockyou for web fuzzing

Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具

Linux post exploitation privilege escalation enumeration

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Enumerate and decrypt TeamViewer credentials from Windows registry

A static analysis tool for security

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Penetration testing and auditing toolkit for Android apps.

web-based OSINT and reconaissance toolkit

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Linux and Windows shellcode enrichment utility

An automated e-mail OSINT tool

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.

Security scanner for your Terraform code

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

A Virtual environment for Pentesting IoT Devices

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely

Automated All-in-One OS Command Injection Exploitation Tool.

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Phishing Tool & Information Collector

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.

Advanced and easy to use penetration testing framework 💣🔎

PHP function tracker

Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.