1562 Open source projects that are alternatives of or similar to Nimscan

FazPort is an advanced Perl Port Scanner. Scan and Detect open port in every website(s) you want.

Powerful asynchronus IPv4 port scanner for PowerShell

Port scanning and domain utility.

An automated target reconnaissance pipeline.

netscanner - TCP/UDP scanner to find open or closed ports

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Web-based Source Code Vulnerability Scanner

A REST API security testing framework.

Tactics, Techniques, and Procedures

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

The Swiss Army knife for automated Web Application Testing

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

It's a simple tool for test vulnerability shellshock

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Python 3.5+ DNS asynchronous brute force utility

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

WEB SERVICE SECURITY ASSESSMENT TOOL

Open source pre-operation C2 server based on python and powershell

The Collective. A repo for a collection of red-team projects found mostly on Github.

Powerful Visual Subdomain Enumeration at the Click of a Mouse

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Qualys sslabs-scan utility in a tiny docker image

mosquito - Automating reconnaissance and brute force attacks

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Exploit Pack -The next generation exploit framework

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A collection of public offensive and defensive security related scripts for InfoSec students.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Web path scanner

无状态子域名爆破工具

Snoop — инструмент разведки на основе открытых данных (OSINT world)

DNS Sub-domain brute forcer, in Python + gevent

online port scan scraper

Micro-framework for rapid development of reusable security tools

Webshell Manager

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

EmbedOS - Embedded security testing virtual machine

Venom - A Multi-hop Proxy for Penetration Testers

Automation for internal Windows Penetrationtest / AD-Security

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

DeepSea Phishing Gear

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

A Virtual environment for Pentesting IoT Devices

AWS Identity and Access Management Visualizer and Anomaly Finder

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

my oscp prep collection

Set of tools to audit SIP based VoIP Systems