470 Open source projects that are alternatives of or similar to Myscan

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

InQL - A Burp Extension for GraphQL Security Testing

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Collaborative malware analysis framework

👻Impost3r -- A linux password thief

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Web-based Source Code Vulnerability Scanner

🔨 Manage your website via terminal

A repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.

A light-weight password manager with a focus on simplicity and security

Credentials catching honeypot

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Toolbox containing research notes & PoC code for weaponizing .NET's DLR

Web Scan Lazy Tools - Python Package

Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)

syzkaller is an unsupervised coverage-guided kernel fuzzer

Next generation web scanner

Fully automated offensive security framework for reconnaissance and vulnerability scanning

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

A tool for identifying misconfigured CloudFront domains

Help building an adaptive and fine-grained pod security policy

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

Awesome Ruby Security resources

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

A Python Tool For google Hacking

Search for Directory Traversal Vulnerabilities

🤖 The Modern Port Scanner 🤖

Bandit is a tool designed to find common security issues in Python code.

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

百宝箱

Secure, Unified, Powerful and Extensible Rust Android Analyzer

A REST API security testing framework.

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

🔎 shodansploit > v1.3.0

Complete Listing and Usage of Tools used for Ethical Hacking

Identify vulnerabilities in running containers, images, hosts and repositories

secureCodeBox (SCB) - continuous secure delivery out of the box

My simple Swiss Army knife for http/https troubleshooting and profiling.

Store data in a simple and secure way

A Deep Graph-based Toolbox for Fraud Detection

WEB SERVICE SECURITY ASSESSMENT TOOL

Awesome .NET Security Resources

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

An automated target reconnaissance pipeline.

This repository created for personal use and added tools from my latest blog post.

Web application vulnerability scanner

这是基于Burp Suite官方文档翻译而来的中文版文档

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT