608 Open source projects that are alternatives of or similar to Nmap Nse Info

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

hydra

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Relational database brute force and post exploitation tool for MySQL and MSSQL

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

🔐 Docker Container for Penetration Testing & Security

A high performance offensive security tool for reconnaissance and vulnerability scanning

Awesome Nmap Grep

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Yet Another PHP Shell - The most complete PHP reverse shell

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

A Nmap XSL implementation with Bootstrap.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Ruby on Rails Phishing Framework

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

A .NET Standard library for pentesting web apps against credential stuffing attacks.

Find web directories without bruteforce

Simple multi threaded tool to extract domain related data from commoncrawl.org

Wordpress Attack Suite

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

MSDAT: Microsoft SQL Database Attacking Tool

Easy automated vulnerability scanning, reporting and analysis

Abusing Impersonation Privileges on Windows 10 and Server 2019

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

A Powerful Subdomain Takeover Tool

My OSCP journey

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

无状态子域名爆破工具

A Hashcat wrapper for distributed hashcracking

A web front-end for password cracking and analytics

Mass scan IPs for vulnerable services

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

🔨 A modern multiple reverse shell sessions manager wrote in go

fast TCP banner grabbing with node.js

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Nmap - the Network Mapper. Github mirror of official SVN repository.

Automate Pentest Tool

Semi-automatic OSINT framework and package manager

Hack the World using Termux

Advanced Web Shell

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

A curated list of awesome OSCP resources

C2/post-exploitation framework