1302 Open source projects that are alternatives of or similar to Onelistforall

Web path scanner

swiss army knife for hackers

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A tool to fastly get all javascript sources/files

Hacking tools

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Awesome cloud enumerator

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

OSINT

A high performance offensive security tool for reconnaissance and vulnerability scanning

Extract endpoints marked as disallow in robots files to generate wordlists.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

A collection of various awesome lists for hackers, pentesters and security researchers

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

my oscp prep collection

macOS FileVault cracking tool

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Linux enumeration tool for pentesting and CTFs with verbosity levels

Adds a customizable "Send to..."-context-menu to your BurpSuite.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

📡 A python program to create a fake AP and sniff data.

retrieve information via O365 with a valid cred

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Your Google Recon is Now Automated

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

An automated e-mail OSINT tool

A simple dns resolver of dns-record and web-record log server for pentesting

The ultimate WinRM shell for hacking/pentesting

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A container repository for my public web hacks!

Set of tools to audit SIP based VoIP Systems

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Study Notes For Web Hacking / Web安全学习笔记

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Python network worm that spreads on the local network and gives the attacker control of these machines.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Automated NoSQL database enumeration and web application exploitation tool.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Repositório com conteúdo sobre web hacking em português

🔺 Red Team Hardware Toolkit 🔺