1703 Open source projects that are alternatives of or similar to Otseca

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Provides various Windows Server Active Directory (AD) security-focused reports.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

A Go implementation of dirsearch.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Attack Surface Management Platform | Sn1perSecurity LLC

Hacking Toolkit

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Set of tools to audit SIP based VoIP Systems

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

💀 A bash hacking and scanning framework.

Docker auditing and enumeration script.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

A super tiny system information fetch script written in BASH

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Python package used for generating HTML reports about the contents of Esri geodatabases.

Yet another system fetch that is minimal and customizable

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Pentest Report Generator

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

🦄🔒 Awesome list of secrets in environment variables 🖥️

a tool to analyze filesystem images for security

Portable, advanced system information utility

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Linux System Optimizer and Monitoring - https://oguzhaninan.github.io/Stacer-Web

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.

Yet another *nix distro fetching program, but less complex.

Repository of my CTF writeups

A humble, and fast, security-oriented HTTP headers analyzer

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

A fully automatic wifi deauther coded in Python

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

一键提取安卓应用中可能存在的敏感信息。

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

This repo will contain some basic pentest/RT commands.

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

🤖 The Modern Port Scanner 🤖

Web Scan Lazy Tools - Python Package

A REST API security testing framework.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Rust library for getting system information

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Next generation web scanner

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.