763 Open source projects that are alternatives of or similar to O365spray

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

红队综合渗透框架

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

Passive Security Scanner (被动式安全扫描器)

High performance LINQ implementation with minimal heap allocations. Supports enumerables, async enumerables, arrays and Span<T>.

VOIP Security Audit Framework

Drone pentesting framework console

It's a simple tool for test vulnerability shellshock

Attack surface mapping

🚀 Fast Port Scanner 🚀

Attack Surface Management Platform | Sn1perSecurity LLC

pentest framework

Apache Solr Injection Research

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

This repository contains a class that allows the enumeration of video and audio devices in order to get the device IDs that are required to create a VideoCapture object inside OpenCV (in Windows).

A curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com

Awesome hacking is an awesome collection of hacking tools.

Hershell is a simple TCP reverse shell written in Go.

Extract and aggregate threat intelligence.

A security monitoring solution for Kubernetes

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Burp Suite extension to passively scan for applications revealing server error messages

fireELF - Fileless Linux Malware Framework

A note-taking macOS app for penetration-testers.

Golang security checker

Advanced Netstat Using Python For Windows

HostHunter a recon tool for discovering hostnames using OSINT techniques.

A curated list of various bug bounty tools

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

🍿 The perfect Checklist Website for meticulous developers.

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

NodeJS Simple Network Scanner

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

The Web Application Hacker's Handbook - Extra Content

This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.

Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/

Quickly analyze and reverse engineer Android packages

An ncurses-based Tox client (please make pull requests on the development fork: https://github.com/toktok/toxic)

Pentest Report Generator

Open source all-in-one CLI tool to semi-automate pentesting.

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

Find web directories without bruteforce

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

Android Mobile Device Hardening

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Openwrt 18.06.5 featured with the Exein's security framework

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

An Active Defense and EDR software to empower Blue Teams

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Explore Indicators of Compromise Automatically

Awesome Python Security resources 🕶🐍🔐

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

A static analysis security vulnerability scanner for Ruby on Rails applications

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Exploit Pack -The next generation exploit framework

Forseti Security