931 Open source projects that are alternatives of or similar to Jackhammer

Extra strict and opinionated rules for PHPStan

A library to read static analysis reports into a Java object model

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

A list of awesome malware detection tools

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Port of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

Powerful Shodan API client using RxJava and Retrofit

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

List of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland

nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.

Web Scan Lazy Tools - Python Package

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

Pentest Report Generator

It's a Docker Environment for pentesting which having all the required tool for VAPT.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

⚡️An awesome list of the best Termux hacking tools

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

🔐 Vulnerability remediation scoring system

Network Tools

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Find exploitable PHP files by parameter fuzzing and function call tracing

Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.

Get GTFOBins info about a given exploit from the command line

Exploits and Security Tools Framework 2.0.1

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io

A cross-platform python based utility for information gathering and penetration testing automation!

A Security Tool for Enumerating WebSockets

Android process memory dump tool without ndk.

A dynamic analysis framework for WebAssembly programs.

A companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk

cwe_checker finds vulnerable patterns in binary executables

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Improve your code security by running different security checks/validation in a simple way.

A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

Analyzes Elm projects, to help find mistakes before your users find them.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

DotDotPwn - The Directory Traversal Fuzzer

List of packages that use `standard`

Notes from OSCP, CTF, security adventures, etc...

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Search Google and download specific file types

Python package for freepn network daemon

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

hack tools

In-depth Attack Surface Mapping and Asset Discovery

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

A web application for generating custom XSS payloads

Solhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

CaptfEncoder是一款跨平台网络安全工具套件，提供网络安全相关编码转换、古典密码、密码学、特殊编码等工具，并聚合各类在线工具。

Command line tool that allows you to explore IoT devices by using Shodan API.