307 Open source projects that are alternatives of or similar to Personal Security Checklist

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Common password pattern generator using strings list

OWASP Honeypot, Automated Deception Framework.

Webshell Manager

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Python Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles

A python script that finds endpoints in JavaScript files

This repo is meant to be a list of companies that hire security people full remote.

Decode All Bases - Base Scheme Decoder

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.

GitBook: OSCP RoadMap

Repo replaced by cogsec-collaborative/AMITT

🐛 Malware Sinkhole List in various formats

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Responsive Command and Control System

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Subdomain Takeover tool written in Go

An OSINT tool to find contacts in order to report security vulnerabilities.

All-in-one tool for managing vulnerability reports from AppSec pipelines

Windows one line commands that make life easier, shortcuts and command line fu.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

A medium interaction printer honeypot 🍯

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Detect silent (unwanted) changes to files on your system

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

The Swiss Army knife for automated Web Application Testing

Yar is a tool for plunderin' organizations, users and/or repositories.

Your Everyday Threat Intelligence

Wireshark Cheat Sheet

A collection of response templates for invalid bug bounty reports.

A collection of all the data i could extract from 1 billion leaked credentials from internet.

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

A Bind9 server for pentesters to use for Out-of-Band vulnerabilities

Malcom - Malware Communications Analyzer

🔐 Docker Container for Penetration Testing & Security

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

internet monitoring osint telegram bot for windows

SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab

Cameradar hacks its way into RTSP videosurveillance cameras

Snoop — инструмент разведки на основе открытых данных (OSINT world)

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

An information security preparedness tool to do adversarial simulation.

Find cloud assets that no one wants exposed 🔎 ☁️

A default credential scanner.

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Vulnerability Dashboard

Anti-keylogger/anti-rat application for Windows

Python script to hunt phishing kits

Dashboard to collect, analyze, and respond to reported phishing emails.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.

Hawkeye filesystem analysis tool

Notes Taken for HTB Machines & InfoSec Community.

Operational Security utility and automator.