703 Open source projects that are alternatives of or similar to Jsonp

Hawkeye filesystem analysis tool

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

被动式漏洞扫描系统

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Subdomain Takeover tool written in Go

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

🔐 Docker Container for Penetration Testing & Security

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A tool to hunt for publicly accessible DigitalOcean Spaces

Awesome cloud enumerator

Extract subdomains from SSL certificates in HTTPS sites.

Cameradar hacks its way into RTSP videosurveillance cameras

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Web path scanner

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

A list to discover work of red team tooling and methodology for penetration testing and security assessment

📡 A python program to create a fake AP and sniff data.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Extract endpoints from APK files

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Windows one line commands that make life easier, shortcuts and command line fu.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Gorsair hacks its way into remote docker containers that expose their APIs

Selenium powered Python script to automate searching for vulnerable web apps.

Port scanning and domain utility.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

Hetty is an HTTP toolkit for security research.

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Dradis Framework: Colllaboration and reporting for IT Security teams

Fast web fuzzer written in Go

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Intelligence tool but without API key

Idiomatic nmap library for go developers

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Responsive Command and Control System

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

A Burp Extender for checking for struts 2 RCE vulnerabilities.

Human and machine readable web vulnerability testing format

A simple dns resolver of dns-record and web-record log server for pentesting

Security checks pack for Burp Suite

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

internet monitoring osint telegram bot for windows

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Python script to hunt phishing kits