343 Open source projects that are alternatives of or similar to Jaeles Signatures

Automated All-in-One OS Command Injection Exploitation Tool.

A python tool to check subdomain takeover vulnerability

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Automating XSS using Bash

Your Google Recon is Now Automated

File upload vulnerability scanner and exploitation tool.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Automated NoSQL database enumeration and web application exploitation tool.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Hacking tools

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

The unofficial HackerOne disclosure Timeline

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

DNS-Discovery is a multithreaded subdomain bruteforcer.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

Web Application recon automation

Python library and CLI for the Bug Bounty Recon API

A curated list of various bug bounty tools

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Scans a list of websites for Cloudfront or S3 Buckets

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Command line tool for testing CRLF injection on a list of domains.

Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.

Cross-site scripting labs for web application security enthusiasts

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

🔺 Red Team Hardware Toolkit 🔺

Cross Origin Resource Sharing MisConfiguration Scanner

A Colab For Bug Hunting!

A PHP dependency vulnerabilities scanner based on the Security Advisories Database.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

A tool to check a bunch of URLs that contain reflecting params.

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

CVE-2017-9506 - SSRF

Collection of Facebook Bug Bounty Writeups

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Urls de-duplication tool for better recon.

Change monitoring app that checks the content of web pages in different periods.

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

THIS REPOSITORY HAS BEEN MOVED TO https://github.com/wpscanteam/wpscan USE THAT!!!

Secret and/ credential patterns used for gf.

Repositório com conteúdo sobre web hacking em português

Scan for open AWS S3 buckets and dump the contents

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

Penetration tests guide based on OWASP including test cases, resources and examples.

Poor (rich?) man's bug bounty pipeline

A Python3 based single-file subdomain enumerator

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Scanning APK file for URIs, endpoints & secrets.

Random Tools for Bug Bounty

A note-taking macOS app for penetration-testers.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Subdomain Takeover tool written in Go

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

A high performance offensive security tool for reconnaissance and vulnerability scanning

Tools of "The Bug Hunters Methodology V2 by @jhaddix"