1838 Open source projects that are alternatives of or similar to Knary

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Automated NoSQL database enumeration and web application exploitation tool.

A tool to test security of json web token

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Yet Another PHP Shell - The most complete PHP reverse shell

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Steganography brute-force utility to uncover hidden data inside files

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Attack Surface Management Platform | Sn1perSecurity LLC

A curated list of awesome OSCP resources

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Cameradar hacks its way into RTSP videosurveillance cameras

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Fully automated offensive security framework for reconnaissance and vulnerability scanning

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Next generation web scanner

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A web front-end for password cracking and analytics

Hacking Toolkit

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Web path scanner

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Micro-framework for rapid development of reusable security tools

The Collective. A repo for a collection of red-team projects found mostly on Github.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

🆕 The Multi-Tool Web Vulnerability Scanner.

A collection of public offensive and defensive security related scripts for InfoSec students.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

EmbedOS - Embedded security testing virtual machine

unix SSH post-exploitation 1337 tool

Code from Blackhat Python book

my oscp prep collection

Web Application recon automation

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

Awesome hacking is an awesome collection of hacking tools.

DNS-Discovery is a multithreaded subdomain bruteforcer.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Set of tools to audit SIP based VoIP Systems

A high performance offensive security tool for reconnaissance and vulnerability scanning

Cross Origin Resource Sharing MisConfiguration Scanner