1370 Open source projects that are alternatives of or similar to Phishapi

Extract endpoints from APK files

🎯 XML External Entity (XXE) Injection Payload List

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

An ongoing list of virtual cybersecurity conferences.

Awesome cloud enumerator

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Idiomatic nmap library for go developers

The all-in-one Red Team extension for Web Pentester 🛠

Web path scanner

🔐 Docker Container for Penetration Testing & Security

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Responsive Command and Control System

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Ruby on Rails Phishing Framework

📡 A python program to create a fake AP and sniff data.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Cameradar hacks its way into RTSP videosurveillance cameras

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Hawkeye filesystem analysis tool

Automated Adversary Emulation Platform

Generate Professional Phishing Emails Fast And Easy

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.

Git All the Payloads! A collection of web attack payloads.

The linux choice collection tools

A collection of some of my scripts

Enumerate information from NTLM authentication enabled web endpoints 🔎

Mercure is a tool for security managers who want to train their colleague to phishing.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Vagrant VirtualBox environment for conducting an internal network penetration test

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

phishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

A fully automatic wifi deauther coded in Python

Monitoring GitHub for sensitive data shared publicly

Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups

Backend logic implementation for Vulnerability Management System

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

locate and attack Lync/Skype for Business

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

A pentesting tool inspired by mr robot and derived by zphisher

Additional Resources For Securing The Stack Tutorials

Rockyou for web fuzzing

Leaked pentesting manuals given to Conti ransomware crooks