399 Open source projects that are alternatives of or similar to Mosl

Reverse shell generator written in Python 3.

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

Collecting & Hunting for IOCs with gusto and style

A tool to test security of json web token

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Android library to reveal or obfuscate strings and assets at runtime

A note-taking macOS app for penetration-testers.

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

Some of the best web shells that you might need!

Curated List of Privacy Respecting Services and Software

Light NodeJS rate limiting and response delaying using Redis - including Express middleware.

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

NebulousAD automated credential auditing tool.

Set of tools to audit SIP based VoIP Systems

Endpoint detection & Malware analysis software

A binary analysis framework

The request.bin of DNS request

DNS-Discovery is a multithreaded subdomain bruteforcer.

Ghidra Analysis Enhancer 🐉

An application to assist in the organization and prioritization of software security activities.

Tool made to automate tasks of pentesting.

snopf USB password token

Advanced and easy to use penetration testing framework 💣🔎

outis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Extract uncompiled, uncompressed SPA code from Webpack source maps.

Hunt down the secrets from the WebArchives for Fun and Profit

Hyuga 一个用来记录DNS查询和HTTP请求的监控工具。

protocol fuzzing toolkit

Python script to decode common encoded PowerShell scripts

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

OSS Vulnerability Scanner for Windows Platform

Common password pattern generator using strings list

Intelligence and Reconnaissance Package/Bundle installer.

OSSSM (awesome). Open source short-term secure messaging

A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Webshell Manager

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Adversary Simulation Framework

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

VOIP Security Audit Framework

Collection of PowerShell network security scripts for system administrators.

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Ansible role to apply a security baseline. Systemd edition.

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

Official Black Hat Arsenal Security Tools Repository

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

安全编排与自动化响应平台

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

The dum^H^H^Hsimplest encryption tool in the world.