830 Open source projects that are alternatives of or similar to Isthislegit

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

EmbedOS - Embedded security testing virtual machine

Hunt down the secrets from the WebArchives for Fun and Profit

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Android library to reveal or obfuscate strings and assets at runtime

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

Future Of Phishing With less delay

A library to check for compromised passwords

Decode All Bases - Base Scheme Decoder

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

A JWT (JSON Web Token) Encoder & Decoder

GitBook: OSCP RoadMap

findWebshell是一款基于python开发的webshell检测工具。

The OSINT Omnibus (beta release)

CMS/LMS/Library etc Versions Fingerprinter

Anti-keylogger/anti-rat application for Windows

Some of the best web shells that you might need!

The clever vulnerability dependency finder

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Qualys sslabs-scan utility in a tiny docker image

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

VirusTotal Wanna Be - Now with 100% more Hipster

Hyuga 一个用来记录DNS查询和HTTP请求的监控工具。

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.

A set of recipes useful in pentesting and red teaming scenarios

A vulnerable iOS App with Security Challenges for the Security Researcher inside you.

Phishing catcher using Certstream

BlackEye Phishing Kit in Python w Serveo Subdomain Creation | Educational Purposes Only

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Fuzz your Rust code with Google-developed Honggfuzz !

PoC tool to demonstrate vulnerabilities in wireless input devices

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

Badges for your GitHub tool presented at InfoSec Conference

Ansible role to apply a security baseline. Systemd edition.

Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

Forseti Security

Automated Security Testing For REST API's

Reverse shell generator written in Python 3.

A proposed standard that allows websites to define security policies.

Simplifying Seccomp enforcement in containerized or non-containerized apps

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

PoC code from DEF CON 25 presentation

A Central Control Plane for AWS Permissions and Access

Kali Linux 工具合集中文说明书

memory search and patch tool on debuggable apk without root & ndk

Office for Mac Macro Payload Generator

Agile Threat Modeling Toolkit

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

A collection of public offensive and defensive security related scripts for InfoSec students.

OWASP Honeypot, Automated Deception Framework.

light weight phishing framework with 18+ pages.

A static analysis tool for security

Hawkeye filesystem analysis tool

OSSSM (awesome). Open source short-term secure messaging