1318 Open source projects that are alternatives of or similar to Offensive Dockerfiles

Extract endpoints from APK files

A OSINT tool to obtain a target's phone number just by having his email address

Intelligence tool but without API key

Quickly analyze and reverse engineer Android packages

Links for the OSINT Team

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Apache Solr Injection Research

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Penetration Testing notes, resources and scripts

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Automated NoSQL database enumeration and web application exploitation tool.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Automated Red Team Infrastructure deployement using Docker

Making Favicon.ico based Recon Great again !

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Powerfull XSS Scanning and Parameter analysis tool&gem

📡 A python program to create a fake AP and sniff data.

C2/post-exploitation framework

This challenge is Inon Shkedy's 31 days API Security Tips.

pentest framework

A collection of various GitHub gists for hackers, pentesters and security researchers

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

A list of resources for those interested in getting started in bug bounties

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

A curated list of awesome social engineering resources.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

jSQL Injection is a Java application for automatic SQL database injection.

Set of tools to audit SIP based VoIP Systems

Vulnerability Dashboard

👥😈 Infect a pc with badusb and establish a connection through telegram.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Dark Web OSINT Tool

An OSINT Metadata analyzing tool that filters through tags and creates reports

The Swiss Army knife for automated Web Application Testing

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Don't let buffer overflows overflow your mind

List of Awesome Asset Discovery Resources

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

☠️ The Pathwar Project ☠️

RFD Checker - security CLI tool to test Reflected File Download issues

Maintained collection of OSINT related resources. (All Free & Actionable)

An ongoing list of virtual cybersecurity conferences.

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

A toolkit for Security Researchers

Burp Bounty profiles compilation, feel free to contribute!

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

Awesome Node.js Security resources

The ultimate WinRM shell for hacking/pentesting

Hacking tools

An OSINT tool to gather information about the real owner of a phone number

Pop shells like a master.