2526 Open source projects that are alternatives of or similar to Pentesting Bible

Network Pivoting Toolkit

Find emails of Github users

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

Exploit Development and Reverse Engineering with GDB Made Easy

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

In-depth Attack Surface Mapping and Asset Discovery

Nmap and NSE command line wrapper in the style of Metasploit

A Deliberately Insecure Web Application

Domain availbility checker

Web application vulnerability scanner

Log any method call of object in Objective-C

Solutions and write-ups from security-based competitions also known as Capture The Flag competition

My own OSCP guide

Chromepass - Hacking Chrome Saved Passwords

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Malice AntiVirus Plugins

CLI program that collects information from facebook user profiles via Selenium.

📚 A Curated List of Awesome Telegram OSINT Tools, Sites & Resources

Android virtual machine and deobfuscator

🤖 The Modern Port Scanner 🤖

Patch iOS Apps, The Easy Way, Without Jailbreak.

LD_PRELOAD rootkit

Malware Machine Learning

Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.

A Python Tool For google Hacking

Python 3.5+ DNS asynchronous brute force utility

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

An Python Script For Generating Payloads that Bypasses All Antivirus so far .

Designed to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion

Command line tool that allows you to explore IoT devices by using Shodan API.

Just another script for automatize boolean-based blind SQL injections. (Demo)

👨🏻‍💻 A great tool for Ethical Hackers, a malware programmed with Backdoor and Keylogger.

👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

Information gathering tool - OSINT

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

A OSINT tool to obtain a target's phone number just by having his email address

DRAKVUF Sandbox - automated hypervisor-level malware analysis system

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Script to facilitate different functions and checks

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

locate and attack Lync/Skype for Business

Nuubi Tools (Information-ghatering|Scanner|Recon.)

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Top 100 Hacking & Security E-Books (Free Download)

Droidefense: Advance Android Malware Analysis Framework

Tool to generate smart and powerful wordlists

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Information Gathering Instagram.

A Linux packet crafting tool.

SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]

Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

👻Impost3r -- A linux password thief

Automatic SQL injection and database takeover tool

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Idiomatic nmap library for go developers