369 Open source projects that are alternatives of or similar to massurl

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Scan installed EDRs and AVs on Windows

Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.

One stop place for exploiting Jira instances in your proximity

Collection of several DDos tools.

JSON RSA to HMAC and None Algorithm Vulnerability POC

Some good resources for getting started with application security

Nozzlr is a bruteforce framework, trully modular and script-friendly

Information Security Library

goverview - Get an overview of the list of URLs

Malware Sample Sources

Security challenges and CTFs created by the Penultimate team.

This document proposes a way of standardising the structure, language, and grammar used in security policies.

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

No description or website provided.

Android library for helping you to reach out to best possible answer for your bug/error available on stack overflow and will show it in your Android Studio Console only.

Astra is a tool to find URLs and secrets inside a webpage/files

The initial conversation slides and menu of scenarios

Subdomain discovery using the power of 'The Rapid7 Project Sonar datasets'

Script to spider a website and find publicly open S3 buckets

ESP8266 based WiFi implant to remotely track the presence of certain people or devices via a simple web interface

You didn't think I'd go and leave the blue team out, right?

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Multi-threaded Padding Oracle attacks against any service. Written in Rust.

An introduction to security for developers.

sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

Simple script that utilities discord's flaw in detecting who blocked who.

🔑 Hash type identifier (CLI & lib)

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.

GZip HTTP Bombing in Python for everyone

Active Directory ACL Visualizer and Explorer - who's really Domain Admin?

App to add websites/software/files/folders/scripts to the Windows 10 Start Menu and Taskbar, and priority shortcuts to Windows 10 Search.

No description or website provided.

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Python Tutorial - || Advanced Keylogger || Code Walk-through || Hacking/Info-Sec ||

A support library for Ronin. Like activesupport, but for hacking!

DDTTX Tabletop Trainings

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

unix wildcard attacks

Get GTFOBins info about a given exploit from the command line

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Totally Insecure Web Application Project (TIWAP)

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

An integrated tool and a collection of snippets which helps in the various aspects of the terminal.

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

Community modules for FAME

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

🌒 Shell command obfuscation to avoid detection systems

This repository houses the interactions, consultations and work management to support the maintenance of baselined components of the Consumer Data Right API Standards and Information Security profile.

一些漏洞分析

An intelligent React component to obfuscate any contact link!

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

DNS hijacking via dead records automation tool

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.