893 Open source projects that are alternatives of or similar to Intruderpayloads

The unofficial HackerOne disclosure Timeline

wide range mass audit toolkit

Decode All Bases - Base Scheme Decoder

massive SQL injection vulnerability scanner

The Art, Science, and Engineering of Fuzzing: A Survey

burpsuite extension for extract information from data

A high performance offensive security tool for reconnaissance and vulnerability scanning

Physics platform is a tool for hardware systems (e.g: raspberryPi 3B ). It retrieves data passing through the network and sends it to a control panel. It works the same way as a botnet by receiving remote commands. (you can imagine that as a black box)

HTML5 WebSocket message fuzzer

HackBar plugin for Burpsuite

Fuzz your Rust code with Google-developed Honggfuzz !

PoC of injecting code into a running Linux process

A tool to check a bunch of URLs that contain reflecting params.

Xojo classes to build a SQL statement

Change monitoring app that checks the content of web pages in different periods.

Koin - a pragmatic lightweight dependency injection framework for Kotlin

Side-channel toolkit in Julia

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

A powerful capture and injection tool for the Android platform

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Burp Bounty profiles compilation, feel free to contribute!

linux elf injector for x86 x86_64 arm arm64

Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关，提供快速、安全的应用交付。

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Rapid is a Go library for property-based testing that supports state machine ("stateful" or "model-based") testing and fully automatic test case minimization ("shrinking")

OSS-Fuzz - continuous fuzzing for open source software.

A fast SAT solver

A fast, parallel test case minimization tool.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Exercises to learn how to fuzz with American Fuzzy Lop

Bugs are inevitable. Suffering is optional.

Subdomain Takeover tool written in Go

An attack tool designed to remotely disable CCTV camera streams (like in spy movies)

Net packets capture & injection library designed for Android

Collection of Facebook Bug Bounty Writeups

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

Python library and CLI for the Bug Bounty Recon API

Multi Tool Subdomain Enumeration

Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.

Simple obfuscation tool

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Curated list of resources on testing distributed systems

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

Domain-Specific Fuzzing with Waypoints

SwiftDI the new way to use your dependency in Swift 5.1

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

coverage guided fuzz testing for java

A fork and successor of the Sulley Fuzzing Framework

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Infection vector that bypasses AV, IDS, and IPS. (For now...)

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

The all-in-one Red Team extension for Web Pentester 🛠

Simple browser extension for managing accounts in a browser and allowing the signing of extrinsics using these accounts. Also provides a simple interface for compliant extensions for dapps.

Provides a Kotlin/Java library to create a random json string