165 Open source projects that are alternatives of or similar to moodlescan

Command line tool for testing CRLF injection on a list of domains.

Static code analysis tool based on Elasticsearch

Website Security, Antivirus & Firewall || a powerful application that can secure your website against hackers, attacks and other incidents of abuse

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.

Some of my public exploits

Free and open source Manga CMS (Deprecated!)

Local Exploit for Meltdown

Ninjaberry: Raspberry Pi UI for @bettercap

Source Code Security Audit (源代码安全审计)

A default credential scanner.

🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)

Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告

Subdomain takeover vulnerability checker

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/

YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications

Safety checks your installed dependencies for known security vulnerabilities

Command-line tool for generating recovery codes for Hikvision IP Cameras

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

A static analysis security vulnerability scanner for Ruby on Rails applications

Shodan API client

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

THIS REPOSITORY HAS BEEN MOVED TO https://github.com/wpscanteam/wpscan USE THAT!!!

A fast TCP port scanner

A curated list of vulnerable web applications.

🎯 Command Injection Payload List

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

🔐 Security advisories as a simple composer exclusion list, updated daily

Distributed filesystem scanner

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

golang version for nmap service and application version detection (without nmap installation)

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

Offensive vulnerability scanner for ethereum, and symbolic execution tool for the Ethereum Virtual Machine

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

🐞 Primitive Erlang Security Tool

Exploit management framework

The OWASP ZAP core project

Tracking CVEs for the linux Kernel

Security tool to trace URL's jumps across the rel links to obtain the last URL

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

Application Layer DoS attack simulator

Find interesting and potentially hazardous commits in git projects

A Machine Learning approach for classifying a file as Malicious or Legitimate

Checklist of security precautions for Ruby on Rails applications.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

SSL and TLS protocol test suite and fuzzer

Simple Golang HTTPS/TLS Examples

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together

bWAPP latest modified for PHP7

Tool for breaking into web applications.

收集网络上公开的漏洞扫描器的白皮书。

Plugin to block compilation when unapproved dependencies are used or code styling does not comply.

Python script that collects SSL/TLS information from hosts

EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference