724 Open source projects that are alternatives of or similar to Plumhound

Active Directory ACL Visualizer and Explorer - who's really Domain Admin?

Web UI for managing users and groups in multiple directory services.

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

You didn't think I'd go and leave the blue team out, right?

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Monitoring your Slack workspaces for sensitive information

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2019, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Monitoring GitHub for sensitive data shared publicly

Designed to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Provides various Windows Server Active Directory (AD) security-focused reports.

This repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommendations of multiple cyber security researchers at Microsoft. These tools were created with a small to medium size enterprise environment in mind as smaller organizations do not always have the type of funding a…

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Monitoring GitLab for sensitive data shared publicly

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A collection of awesome security hardening guides, tools and other resources

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Find cloud assets that no one wants exposed 🔎 ☁️

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Find and notify users in your Active Directory with weak passwords

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Directory Tags for Lazy Programmers

👔 Enterprise Web application starter kit or template using Laravel

Idiomatic nmap library for go developers

Intelligence tool but without API key

The Exakat Engine : smart static analysis for PHP

红蓝对抗跨平台远控工具

Snyk's public vulnerability database

WinAppDbg Debugger

An advanced multithreaded admin panel finder written in python.

Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.

Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers

Fast web fuzzer written in Go

DeimosC2 is a Golang command and control framework for post-exploitation.

An advanced tool for email reconnaissance

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

Writeups for infosec Capture the Flag events by team Galaxians

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

A curated list of awesome infosec courses and training resources.

Neo4j Browser is the general purpose user interface for working with Neo4j. Query, visualize, administrate and monitor the database.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

📇 A little directory of people's personal sites

Extract subdomains from SSL certificates in HTTPS sites.

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

Visual query builder for Neo4j graph database

Tool to check for dependency confusion vulnerabilities in multiple package management systems

Dradis Framework: Colllaboration and reporting for IT Security teams

🌰 An onion url inspector for inspecting deep web links.

Simple starter project for GRANDstack full stack apps

Links for the OSINT Team

网站目录

Hetty is an HTTP toolkit for security research.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Lets Map Your Network enables you to visualise your physical network in form of graph with zero manual error

Pentest Report Generator

Curated collection of blockchain & cryptocurrency resources.