1223 Open source projects that are alternatives of or similar to NIST-to-Tech

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Monitoring GitHub for sensitive data shared publicly

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Monitoring GitLab for sensitive data shared publicly

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Vulnerability Dashboard

Misc. Public Reports of Penetration Testing and Security Audits.

Monitoring your Slack workspaces for sensitive information

Snoop — инструмент разведки на основе открытых данных (OSINT world)

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Argus Advanced Remote & Local Keylogger For macOS and Windows

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

🔐 Docker Container for Penetration Testing & Security

You didn't think I'd go and leave the blue team out, right?

A collection of awesome security hardening guides, tools and other resources

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

Offensive Reverse Shell (Cheat Sheet)

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

Awesome Node.js Security resources

Purple Team Exercise Framework

🌒 Shell command obfuscation to avoid detection systems

Hershell is a simple TCP reverse shell written in Go.

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Leaked pentesting manuals given to Conti ransomware crooks

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Provides various Windows Server Active Directory (AD) security-focused reports.

🔑 Hash type identifier (CLI & lib)

Data leak checker & OSINT Tool

A collection of electronic hacker magazines carefully curated over the years from multiple sources

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

一款适用于红蓝对抗中的仿真钓鱼系统

Scan for and exploit Consul agents

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A collection of some of my scripts

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Webshell Manager

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Functions that can be used to gain Reverse Shells with PowerShell

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

rsGen is a Reverse Shell Payload Generator for hacking.

An advanced tool for email reconnaissance

🖖 Fast, modern, easy-to-use network scanner

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Attack Surface Management Platform | Sn1perSecurity LLC

Pentest: Subdomains enumeration tool for penetration testers.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

WebMap-Nmap Web Dashboard and Reporting

OPCDE Cybersecurity Conference Materials

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

VirusTotal Wanna Be - Now with 100% more Hipster

Responsive Command and Control System

The Collective. A repo for a collection of red-team projects found mostly on Github.