650 Open source projects that are alternatives of or similar to PandorasBox

Reverse shell manager using tmux and ncat

a Go code to detect leaks in JS files via regex patterns

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

XSS in pastebin.com and reddit.com via unsanitized markdown output

Web App Pen Tester (Web Interface)

Domain availbility checker

Reconness Agents Script

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

My notes on PentesterLab's Bootcamp series 🕵️

Statically-linked ssh server with reverse shell functionality for CTFs and such

Pentesting/Bugbounty Dockerfiles.

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

🦄🔒 Awesome list of secrets in environment variables 🖥️

List of Bluetooth BR/EDR/LE security resources

Nuubi Tools (Information-ghatering|Scanner|Recon.)

The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.

This script will you help to find the information about the website and to help in penetrating testing

VOIP Security Audit Framework

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Oracle Database Penetration Testing Reference (10g/11g)

Para pencari bug / celah kemanan bisa bergabung.

link is a command and control framework written in rust

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

HTTP fuzzer engine security oriented

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

Kubernetes Scanner

Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

Running nuclei Continuously

CloudFlare Checker written in Go

Open Redirect scanner - (out of date)

Multi OTP Spam Amp/Paralell threads

Modular personalized dictionary generator.

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

🛡️ Awesome Cloud Security Resources ⚔️

Python-based CLI Password Analyser (Reporting Tool)

Captive wifi hotspot bypass tool for Linux

An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.

🐰 Managing command snippets for hackers/bug bounty hunters. with pet.

Argus Advanced Remote & Local Keylogger For macOS and Windows

Get GTFOBins info about a given exploit from the command line

Common Web Managers Fuzz Wordlists

An RPC attack framework for Blockchain nodes.

List of every possible vulnerabilities in computer security.

Misc. Public Reports of Penetration Testing and Security Audits.

Automated script to run all modules for a specified list of domains, netblocks or company name

Subdomain discovery using the power of 'The Rapid7 Project Sonar datasets'

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

DNS hijacking via dead records automation tool

A Security Tool for Enumerating WebSockets

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

Identity & Access Management simplified and secure.

AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning

Scripts usados en mi formación de Offensive Security por medio de la suscripción Learn Unlimited

Simple vueJS based command generator which I developed in order to learn vueJS a little bit more.

Modified Nuclei Templates Version to FUZZ Host Header