2712 Open source projects that are alternatives of or similar to Ios

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Webshell Manager

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Tool made to automate tasks of pentesting.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Notes Taken for HTB Machines & InfoSec Community.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Wireshark Cheat Sheet

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

🖖 Fast, modern, easy-to-use network scanner

Pentest: Subdomains enumeration tool for penetration testers.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Multi source CVE/exploit parser.

Cheat-Sheet of tools for penetration testing

Pentester's Promiscuous Notebook

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

A simple and sophisticated session and authentication solution written in Swift

渗透测试☞经验/思路/总结/想法/笔记

C2/post-exploitation framework

🔑 Hash type identifier (CLI & lib)

My notebook for OSCP Lab

Misc. Public Reports of Penetration Testing and Security Audits.

Microarchitectural exploitation and other hardware attacks.

Notes Taken for HTB Machines & InfoSec Community.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Demonstration library for using the Secure Enclave on iOS

Turn your VPS into an attack box

Related subdomains finder

An introduction to security for developers.

Your all-in-one tweak for WhatsApp Messenger!

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

🌒 Shell command obfuscation to avoid detection systems

A concise, directive, specific, flexible, and free incident response plan template

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Offensive Reverse Shell (Cheat Sheet)

Local Administrator Password Solution for Mac

A Tool for Domain Flyovers

Objective-C runtime headers for Apple's iOS, macOS, tvOS and watchOS frameworks

Import/export between Apple Keychain.app and plain CSV file.

Selenium powered Python script to automate searching for vulnerable web apps.

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

Next generation web scanner

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

A curated list of awesome infosec courses and training resources.

Extract subdomains from SSL certificates in HTTPS sites.

Slides, paper notes, class notes, blog posts, and research on ML 📉, statistics 📊, and AI 🤖.

🔨 Manage your website via terminal

Infosec resource center for offensive and defensive security operations.

🎯 XML External Entity (XXE) Injection Payload List

📱 objection - runtime mobile exploration

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

OSINT Swiss Army Knife

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.