307 Open source projects that are alternatives of or similar to Personal Security Checklist

Tool made to automate tasks of pentesting.

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Monitoring your Slack workspaces for sensitive information

A tool to hunt for publicly accessible DigitalOcean Spaces

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

A vulnerable iOS App with Security Challenges for the Security Researcher inside you.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

Agile Threat Modeling Toolkit

📡 A python program to create a fake AP and sniff data.

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

Find leaked emails with your passwords

Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

A Blazing fast Security Auditing tool for Kubernetes

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

🔐 Security advisories as a simple composer exclusion list, updated daily

Monitoring GitLab for sensitive data shared publicly

OSINT Project

A permutation generation tool written in golang

🔓 A dynamic dictionary merger for successful dictionary based attacks.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Python script to hunt phishing kits

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

OWASP Honeypot, Automated Deception Framework.

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

A python script that finds endpoints in JavaScript files

Decode All Bases - Base Scheme Decoder

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.

Repo replaced by cogsec-collaborative/AMITT

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

An OSINT tool to find contacts in order to report security vulnerabilities.

Windows one line commands that make life easier, shortcuts and command line fu.

A medium interaction printer honeypot 🍯

Detect silent (unwanted) changes to files on your system

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

Yar is a tool for plunderin' organizations, users and/or repositories.

Wireshark Cheat Sheet

A collection of all the data i could extract from 1 billion leaked credentials from internet.

A Bind9 server for pentesters to use for Out-of-Band vulnerabilities

🔐 Docker Container for Penetration Testing & Security

internet monitoring osint telegram bot for windows

Cameradar hacks its way into RTSP videosurveillance cameras

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Find cloud assets that no one wants exposed 🔎 ☁️

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Anti-keylogger/anti-rat application for Windows

Exploit Development, Reverse Engineering & Cryptography

Dashboard to collect, analyze, and respond to reported phishing emails.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.

Hawkeye filesystem analysis tool

Notes Taken for HTB Machines & InfoSec Community.