578 Open source projects that are alternatives of or similar to Nebulousad

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

The clever vulnerability dependency finder

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Send encrypted PGP messages with one click

Qualys sslabs-scan utility in a tiny docker image

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

A JWT (JSON Web Token) Encoder & Decoder

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Micro-framework for rapid development of reusable security tools

Enumerate and disable common sources of telemetry used by AV/EDR.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

被动式漏洞扫描系统

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

protocol fuzzing toolkit

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

Security tool to trace URL's jumps across the rel links to obtain the last URL

🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

An Active Defense and EDR software to empower Blue Teams

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

A Python SDK for Tufin Orchestration Suite

myscan 被动扫描

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

The full story of the CLR implementation of Meterpreter

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Secure, human-friendly, cross-platform secrets and config.

Awesome Python Security resources 🕶🐍🔐

Advanced Netstat Using Python For Windows

🤖 The Modern Port Scanner 🤖

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Store data in a simple and secure way

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

An Unsupervised Graph-based Toolbox for Fraud Detection

Identify vulnerabilities in running containers, images, hosts and repositories

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Distributed alerting for the masses!

Awesome Ruby Security resources

A collection of public offensive and defensive security related scripts for InfoSec students.

A Python Tool For google Hacking

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

A command-line tool to get valuable information out of AWS CloudTrail

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

An open source framework for enterprise level automated analysis.

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Exploit Pack -The next generation exploit framework

CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

A binary analysis framework

Tools to automate and/or expedite response.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Daemon to ban hosts that cause multiple authentication errors

A set of recipes useful in pentesting and red teaming scenarios

JAVA安全SDK及编码规范

Web Content Discovery Tool

OSS Vulnerability Scanner for Windows Platform

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Audit Windows Security with best Practice