830 Open source projects that are alternatives of or similar to Isthislegit

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Plugin to block compilation when unapproved dependencies are used or code styling does not comply.

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

a tool to analyze filesystem images for security

A collection of awesome security hardening guides, tools and other resources

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

A repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

🔎 shodansploit > v1.3.0

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

protocol fuzzing toolkit

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Decode All Bases - Base Scheme Decoder

Ghidra Analysis Enhancer 🐉

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Python script to decode common encoded PowerShell scripts

BlackEye Phishing Kit in Python w Serveo Subdomain Creation | Educational Purposes Only

Fuzz your Rust code with Google-developed Honggfuzz !

Open source application to instantly remediate common security issues through the use of AWS Config

Ansible role to apply a security baseline. Systemd edition.

Data leak checker & OSINT Tool

Phishing on Twitter

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Reverse shell generator written in Python 3.

PoC code from DEF CON 25 presentation

A Github organization reconnaissance tool.

memory search and patch tool on debuggable apk without root & ndk

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

AWS Identity and Access Management Visualizer and Anomaly Finder

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Endpoint detection & Malware analysis software

Visualize network topologies and collect graph statistics based on pcap files

The linux choice collection tools

Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆

A Virtual environment for Pentesting IoT Devices

Phishing Tool & Information Collector

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Advanced and easy to use penetration testing framework 💣🔎

Generate Professional Phishing Emails Fast And Easy

An OSINT tool to find contacts in order to report security vulnerabilities.

A Phishing Dropper designed to Pentest.

Extract uncompiled, uncompressed SPA code from Webpack source maps.

Awesome Java Security Resources 🕶☕🔐

Code from Blackhat Python book

PHP安全SDK及编码规范

Search exposed EBS volumes for secrets

Bash script to audit and fix macOS Catalina (10.15.x) security settings

Find phishing kits which use your brand/organization's files and image.

Intelligence and Reconnaissance Package/Bundle installer.

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

A medium interaction printer honeypot 🍯

File Scanning Framework