791 Open source projects that are alternatives of or similar to Pinaak

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

🆕 The Multi-Tool Web Vulnerability Scanner.

A curated list of vulnerable web applications.

Running nuclei Continuously

SQL Injection Payload List

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

The Swiss Army knife for automated Web Application Testing

JAVA 漏洞靶场 (Vulnerability Environment For Java)

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Kubernetes Native, Runtime Container Image Scanning

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

WPScan rewritten in Python + some WPSeku ideas

XSS Payload without Anything.

Hourly updated database of exploit and exploitation reports

Automating XSS using Bash

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Open-Source Security Architecture | 开源安全架构

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

SD-WAN security and insecurity

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Fast and customizable vulnerability scanner For JIRA written in Python

Agent scanner for vulners.com

Modified Nuclei Templates Version to FUZZ Host Header

Intentionally vulnerable Android application.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

The fastest dork scanner written in Go.

hacker, ready for more of our story ! 🚀

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

Full Nuclei automation script with logic explanation.

Nuclei Templates to reproduce Cracking the lens's Research

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

Auditing Script based on CIS-BENCHMARK CENTOS 8

Set of scripts that can do awesome stuff for developers

Kubernetes Scanner

Static Binary Deployer. Download and deploy *Nix utilities on a compromised system.

Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations

Development Automation using Shell Scripting.

OSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)

A smart, lightweight shell script templating engine, written in Bash

Port of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel

RuCTFE 2019. Developed with ♥ by HackerDom team

A shell script that uploads/deletes images to/from IMGUR.

Installer for HashiCorp Terraform - Automatic Download, Extract and Install of Latest or Specific Version

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Collection of useful scripts for Linux (git, docker, LUKS, Archlinux...)

My personal bug bounty toolkit.

An fzf terminal UI for systemctl

⚡ motivate ⚡ - A simple script to print random motivational quotes. Highly influenced by linux command fortune.

Subdomain discovery using the power of 'The Rapid7 Project Sonar datasets'

You can use setupTermuxArch.sh 📲 to install Arch Linux in Termux on Android and Chrome. This setup script will attempt to set Arch Linux up in your Termux environment.

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.