805 Open source projects that are alternatives of or similar to Libdiffuzz

Explore Indicators of Compromise Automatically

android proxy setting tool

Send encrypted PGP messages with one click

Cloud Security Posture Management (CSPM)

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Forseti Security

Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e

Infection Monkey - An automated pentest tool

Canadian Furious Beaver is a tool for hijacking IRPs handler in Windows drivers, and facilitating the process of analyzing Windows drivers for vulnerabilities

一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。

Find leaked secrets via github search

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Most usable tools for iOS penetration testing

A collection of various awesome lists for hackers, pentesters and security researchers

a javascript static security analysis tool

Friends don't let friends leak secrets on their terminal window 🙈

C2/post-exploitation framework

This Repository contains the stuff related to windows Active directory environment exploitation

SIPVicious OSS is a set of security tools that can be used to audit SIP based VoIP systems.

Do not crash when your server lies

Build A GUI For Xray，给Xray造一个GUI控制端。

Application and Service Fingerprinting

A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools

A Central Control Plane for AWS Permissions and Access

🚀 Fast Port Scanner 🚀

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Hacking tools

Canary: Input Detection and Response

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

安全总是无处不在...

Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.

protocol fuzzing toolkit

mXtract - Memory Extractor & Analyzer

Documentation:

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

Command-line passphrase generator

Scalable fuzzing infrastructure.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Drone pentesting framework console

A tool for auditing security properties of GCP projects.

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

A curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Dradis Framework: Colllaboration and reporting for IT Security teams

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

Extract and aggregate threat intelligence.

一行代码检测XP/调试/多开/模拟器/root

ESLint security plugin for Node.js

Android Mobile Device Hardening

Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards

A binary analysis framework

Fuzzing Parsers with Tokens

SIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Golang安全资源合集