1956 Open source projects that are alternatives of or similar to Osmedeus

Combining OSINT sources in Elastic Stack

Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

Docker image for osint

Plugin to block compilation when unapproved dependencies are used or code styling does not comply.

[DEPRECATED] Enables remote scanning in WiFi Explorer Pro

redteam.wiki

generates weak passwords based on current date

the only php webshell you need.

Misc. Public Reports of Penetration Testing and Security Audits.

Python-based CLI Password Analyser (Reporting Tool)

Wireless USB Rubber Ducky triggered via BLE (make your Ubertooth quack!)

Advanced Search for Twitter.

A tool to find redirection chains in multiple URLs

hacking tool

Social engineering tool [Access Webcam & Microphone & Location Finder] With Python

PowerShell payload generator

asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning.

This is an open source project which helps users "guess" their target's email address based on multiple inputs and preferences.

A simple way to know if you are on the list of major security breaches like "HIBP", but it is specific for Iran.

📚 A Curated List of Awesome Telegram OSINT Tools, Sites & Resources

集漏洞验证和任务运行的一个框架

Microsoft Azure Exploitation Framework

all manner of wordlists

Just Another Repo

Turn PuTTY into an SSH login bruteforcing tool.

Python module containing bluetooth utility functions, in particular for easy BLE scanning and advertising

Port scanning and domain utility.

Yet Another LInkedIn Scraper...

Bifrost C2. Open-source post-exploitation using Discord API

phishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.

Docker container for datasploit framework

An full HTTP server for Phishing. Downloads recursively the entire webpage.

You can find hardcoded Api-Key,Secret,Token Etc..

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

Argus Advanced Remote & Local Keylogger For macOS and Windows

Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

Kali image with kali-linux-full metapackage installed, build every night.

Get GTFOBins info about a given exploit from the command line

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them

A tool for identifying misconfigured CloudFront domains

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Script to facilitate different functions and checks

OSINT tool for discovering confidential data leaked on Github.

An RPC attack framework for Blockchain nodes.

Command line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…

Shodan.io Command Line Interface

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

整理一些内网常用渗透小工具

Go scripts for finding sensitive data like API key / some keywords in the github repository

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

A collection of some of my scripts

18+Facebook-Phishing.Hack Facebook

Download pictures (or videos) along with their captions and other metadata from Instagram.

Ladon Moudle MS17010 Exploit for PowerShell

Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server

Subdomain discovery using the power of 'The Rapid7 Project Sonar datasets'

The OSINT Omnibus (beta release)