433 Open source projects that are alternatives of or similar to Learning-Node.js-Security

A list of web application security

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

An RPC attack framework for Blockchain nodes.

Python-based CLI Password Analyser (Reporting Tool)

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

Notes from OSCP, CTF, security adventures, etc...

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Argus Advanced Remote & Local Keylogger For macOS and Windows

An advanced command-line search engine for Exploit-DB

My personal bug bounty toolkit.

PoC + Docker Environment for Python PIL/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509

Modified Nuclei Templates Version to FUZZ Host Header

Host Header Injection Checker

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

List of Bluetooth BR/EDR/LE security resources

Reverse shell manager using tmux and ncat

brute force SSH public-key authentication

VOIP Security Audit Framework

JSON RSA to HMAC and None Algorithm Vulnerability POC

Totally Insecure Web Application Project (TIWAP)

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

Captive wifi hotspot bypass tool for Linux

A Deliberately Insecure Web Application

Get GTFOBins info about a given exploit from the command line

開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall

Automated script to run all modules for a specified list of domains, netblocks or company name

Statically-linked ssh server with reverse shell functionality for CTFs and such

A Security Tool for Enumerating WebSockets

Automated tool for WiFi hacking.

Scripts usados en mi formación de Offensive Security por medio de la suscripción Learn Unlimited

Kali Live Build Scripts

A friendly Toolkit for Beginner CTF players

Common Web Managers Fuzz Wordlists

My last 10 year's material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much more.

A collection of resources I'm using while working toward the OSCP

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Top 20 Kali Linux Related E-books (Free Download)

Search Google and download specific file types

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

Stop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.

Deliberately vulnerable scripts for Web Security training

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

🐛 A plug-in of sublime 2/3 which is able to find PHP vulnerabilities

General stuff for pentesting - password cracking, phishing, automation, Kali, etc.

guardrails.cs.virginia.edu

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

Modular personalized dictionary generator.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters