1461 Open source projects that are alternatives of or similar to Metaforge

OSINT Swiss Army Knife

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

The Swiss Army knife for automated Web Application Testing

A list of free and open forensics analysis tools and other resources

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A curated list of awesome social engineering resources.

Extract and aggregate threat intelligence.

Related subdomains finder

The entire walkthrough of all my resolved TryHackMe rooms

Extracts metadata music metadata found in audio files

C++ Reflection & Serialization using Clang's LibTooling

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Goca Scanner

Python 3.5+ DNS asynchronous brute force utility

A Tool for Domain Flyovers

Intelligence tool but without API key

HostHunter a recon tool for discovering hostnames using OSINT techniques.

A single file container/archive that can be reconstructed even after total loss of file system structures

Most usable tools for iOS penetration testing

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

A collection of awesome security hardening guides, tools and other resources

A default credential scanner.

Recover files using lists of blocks hashes, bypassing the File System entirely

Multi source CVE/exploit parser.

Super simple and fast html page meta data extractor with low memory footprint

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Page metadata as a service

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

📙 Awesome collection of meta tags

Selenium powered Python script to automate searching for vulnerable web apps.

Port scanning and domain utility.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

Manage HTML metadata in Vue.js components with SSR support

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

List of Awesome Asset Discovery Resources

Попытка ответить на вопрос о резольверах, проверяющих домены из списка РКН

DeimosC2 is a Golang command and control framework for post-exploitation.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

An advanced tool for email reconnaissance

operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

Dark Web OSINT Tool

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Maintained collection of OSINT related resources. (All Free & Actionable)

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

A simple way to know if you are on the list of major security breaches like "HIBP", but it is specific for Iran.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Links for the OSINT Team

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).