763 Open source projects that are alternatives of or similar to O365spray

Common password pattern generator using strings list

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

A collection of public offensive and defensive security related scripts for InfoSec students.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

OSSSM (awesome). Open source short-term secure messaging

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

The ultimate WinRM shell for hacking/pentesting

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Awesome Golang Security resources 🕶🔐

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Automatic SSRF fuzzer and exploitation tool

VOIP Security Audit Framework

🚀 Fast Port Scanner 🚀

Awesome hacking is an awesome collection of hacking tools.

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

A security monitoring solution for Kubernetes

A note-taking macOS app for penetration-testers.

An application to assist in the organization and prioritization of software security activities.

Fast Modular Web Interfaces Bruteforcer

A curated list of various bug bounty tools

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

自己收集整理自用的字典

Open source all-in-one CLI tool to semi-automate pentesting.

C2Hack, sharing tips and tricks for pentesters

snopf USB password token

This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.

Android Mobile Device Hardening

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

A fast web directory/file enumeration tool written in Rust

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

outis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).

Penetration tests guide based on OWASP including test cases, resources and examples.

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

A CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.

A library to check for compromised passwords

cve-2019-0604 SharePoint RCE exploit

Automatic Service Enumeration Script

A wrapper for Nmap to quickly run network scans

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

Awesome Node.js Security resources

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

Work in progress firewall for Linux syscalls, written in Rust

The Offensive Manual Web Application Penetration Testing Framework.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Simple, extensible and powerful enumeration implementation for Laravel.

The clever vulnerability dependency finder

Vulnerability Recurrence:漏洞复现记录

Pop shells like a master.

Qualys sslabs-scan utility in a tiny docker image

SSRF (Server Side Request Forgery) testing resources

Web Application recon automation

bug bounty hunters starter notes

Secure, human-friendly, cross-platform secrets and config.

Tools to automate and/or expedite response.