5398 Open source projects that are alternatives of or similar to Juice Shop Ctf

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Next generation web scanner

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

🤖 The Modern Port Scanner 🤖

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A tool to fastly get all javascript sources/files

A collection of hacking / penetration testing resources to make you better!

A curated list of awesome privilege escalation

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Some good resources for getting started with application security

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Micro-framework for rapid development of reusable security tools

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

A simple dns resolver of dns-record and web-record log server for pentesting

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Automated NoSQL database enumeration and web application exploitation tool.

Fast Steganography bruteforce tool written in Rust useful for CTF's

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

📡 A python program to create a fake AP and sniff data.

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

Set of tools to audit SIP based VoIP Systems

Adds a customizable "Send to..."-context-menu to your BurpSuite.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Linux enumeration tool for pentesting and CTFs with verbosity levels

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Know the dangers of credential reuse attacks.

Study Notes For Web Hacking / Web安全学习笔记

Python network worm that spreads on the local network and gives the attacker control of these machines.

The ultimate WinRM shell for hacking/pentesting

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

Audit tool to find common vulnerabilities in PHP source code

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

备考 OSCP 的各种干货资料/渗透测试干货资料

A tool to test security of json web token

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Monitor linux processes without root permissions

A simple tool for interacting with OWASP ZAP from the commandline.

The all-in-one Red Team extension for Web Pentester 🛠

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Advanced and easy to use penetration testing framework 💣🔎

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Evaluate the security of S3 buckets

The DevSecOps toolset for REST APIs

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Curating the best DevSecOps resources and tooling.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A high performance offensive security tool for reconnaissance and vulnerability scanning

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

An automated e-mail OSINT tool