608 Open source projects that are alternatives of or similar to Nmap Nse Info

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

NetCat for Windows

A python tool to check subdomain takeover vulnerability

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Useful tools and scripts during Penetration Testing engagements

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Summary of online learning materials

Quickly analyze and reverse engineer Android packages

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

NmapPy - Python implementation of Nmap

被动式漏洞扫描系统

Penetration Testing notes, resources and scripts

Linux Rootkits (4.x Kernel)

A curated list of awesome privilege escalation

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

A tool for fuzzing for ports that allow outgoing connections

Extract endpoints from APK files

A fully automatic wifi deauther coded in Python

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Sifter aims to be a fully loaded Op Centre for Pentesters

collector for XDR and security posture service

Open source pre-operation C2 server based on python and powershell

PowerShell SOCKS proxy with reverse proxy capabilities

Get notified for new devices on your network

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

online port scan scraper

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

A pentesting tool inspired by mr robot and derived by zphisher

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Steganography brute-force utility to uncover hidden data inside files

Just another script for automatize boolean-based blind SQL injections. (Demo)

parse nmap files

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

A tool that automates the process of enumeration

A .NET Standard library for pentesting web apps against credential stuffing attacks.

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Burpsuite-Plugins-Usage

集漏洞验证和任务运行的一个框架

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Open-Source Ransomware As A Service for Linux, MacOS and Windows

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Handbook of information collection for penetration testing and src

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

MSDAT: Microsoft SQL Database Attacking Tool

Quick utility to craft executables for pentesting and managing reverse shells

Dradis Framework: Colllaboration and reporting for IT Security teams

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

DNS Sub-domain brute forcer, in Python + gevent

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Fast web fuzzer written in Go

🦄🔒 Awesome list of secrets in environment variables 🖥️