608 Open source projects that are alternatives of or similar to Nmap Nse Info

Quickly analyze and reverse engineer Android packages

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

OneForAll是一款功能强大的子域收集工具

Sifter aims to be a fully loaded Op Centre for Pentesters

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

C2/post-exploitation framework

This is a multi-use bash script for Linux systems to audit wireless networks.

Advanced Graphical User Interface for NMap

Single-file PHP shell

My collection of nmap NSE scripts

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

A .NET Standard library for pentesting web apps against credential stuffing attacks.

Burpsuite-Plugins-Usage

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Micro-framework for rapid development of reusable security tools

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Empire HTTP(S) C2 redirector setup script

A repo with information about security of Ethereum Smart Contracts

Find exploit tool

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

Abusing Impersonation Privileges on Windows 10 and Server 2019

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

My OSCP journey

Mass scan IPs for vulnerable services

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

🔨 A modern multiple reverse shell sessions manager wrote in go

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

fast TCP banner grabbing with node.js

My simple Swiss Army knife for http/https troubleshooting and profiling.

Automate Pentest Tool

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Semi-automatic OSINT framework and package manager

👻 A LAN dropbox chatbot controllable via Telegram

Advanced Web Shell

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

OSINT Tool: Generate username lists for companies on LinkedIn

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

A curated list of awesome OSCP resources

Dump exposed HTTP .git fast

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A swiss army knife for pentesting networks

WeirdAAL (AWS Attack Library)

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

mXtract - Memory Extractor & Analyzer

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.