669 Open source projects that are alternatives of or similar to Legion

an asynchronous target enumeration tool

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Web path scanner

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Konan - Advanced Web Application Dir Scanner

🆕 The Multi-Tool Web Vulnerability Scanner.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Automated NoSQL database enumeration and web application exploitation tool.

Hacker tools on Go (Golang)

Detect alive host and open port .

Automated brute-forcing attack tool.

findCDN is a tool created to help accurately identify what CDN a domain is using.

MX1014 is a flexible, lightweight and fast port scanner.

Modern alternative to dirbuster/dirb

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting

Open source all-in-one CLI tool to semi-automate pentesting.

Scan only once by IP address and reduce scan times with Nmap for large amounts of data.

网络资产发现、漏洞扫描

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

Advanced Reconnaissance tool to enumerate attacking surface of the target.

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.

Python Security Scripts

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Bash script which quickly identifies open network ports and any associated vulnerabilities / Script Bash qui permet d'identifier rapidement les ports réseaux ouverts et les éventuelles vulnérabilités associées.

WEB PENETRATION TESTING TOOL 💥

A high performance offensive security tool for reconnaissance and vulnerability scanning

🐧🔥System security testing tools(compatible with Debian/Centos/Ubuntu/Kali/Mint,use the nmap and hydra security testing tools)

hydra

BruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack

A Go implementation of dirsearch.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Automatic Service Enumeration Script

Mass scan IPs for vulnerable services

OWASP WEB Directory Scanner

A fast web directory/file enumeration tool written in Rust

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage

Exploitation Framework for Embedded Devices

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

A tool that automates the process of enumeration

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

A simple interpreter for a large subset of Pascal language written for educational purposes

Migrated to https://github.com/kivy-garden/zbarcam

WP Grab Info v2

Web Application Security Scanner Framework

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Generate random bitcoin wallets, private keys (seeds) and then check if they match a wallet that contains some kind of balance, and then take it. Node.js

CloudFlare Checker written in Go

Enumeration list for CakePHP 3

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Scanbot scanner SDK example app for Ionic with Cordova.

Scans PHP files for malwares and known threats