889 Open source projects that are alternatives of or similar to Leakscraper

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Passwords Recovery Tool

Search (offline) if your password (NTLM or SHA1 format) has been leaked (HIBP passwords list v8)

mXtract - Memory Extractor & Analyzer

Know the dangers of credential reuse attacks.

OSINT

HostHunter a recon tool for discovering hostnames using OSINT techniques.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Semi-automatic OSINT framework and package manager

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Sifter aims to be a fully loaded Op Centre for Pentesters

Open source pre-operation C2 server based on python and powershell

Automatically Launch Google Hacking Queries Against A Target Domain

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Simple multi threaded tool to extract domain related data from commoncrawl.org

A list to discover work of red team tooling and methodology for penetration testing and security assessment

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Automation for internal Windows Penetrationtest / AD-Security

mosquito - Automating reconnaissance and brute force attacks

my oscp prep collection

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Python 3.5+ DNS asynchronous brute force utility

👻Impost3r -- A linux password thief

Intelligence tool but without API key

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

fireELF - Fileless Linux Malware Framework

Red Teaming Tactics and Techniques

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

OSINT Tool: Generate username lists for companies on LinkedIn

Crawler (Bot) searching for credential leaks on different paste sites.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

E-mails, subdomains and names Harvester - OSINT

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

🔎 Hunt down social media accounts by username across social networks

An automated e-mail OSINT tool

Snoop — инструмент разведки на основе открытых данных (OSINT world)

swiss army knife for hackers

The Collective. A repo for a collection of red-team projects found mostly on Github.

A set of recipes useful in pentesting and red teaming scenarios

DeepSea Phishing Gear

Venom - A Multi-hop Proxy for Penetration Testers

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

A tool to hunt for publicly accessible DigitalOcean Spaces

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

🚀 Fast Port Scanner 🚀

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Tool to automate common OSINT tasks

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

备考 OSCP 的各种干货资料/渗透测试干货资料

Burp Suite extension to discover assets from HTTP response.

Tactics, Techniques, and Procedures

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A high performance offensive security tool for reconnaissance and vulnerability scanning