638 Open source projects that are alternatives of or similar to Pompem

Network Pivoting Toolkit

File Scanning Framework

Collection of different exploits

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Program to reverse Docker images into Dockerfiles

SIPVicious OSS is a set of security tools that can be used to audit SIP based VoIP systems.

myscan 被动扫描

It's a Docker Environment for pentesting which having all the required tool for VAPT.

CMS/LMS/Library etc Versions Fingerprinter

Attack surface mapping

zBang is a risk assessment tool that detects potential privileged account threats

A tool to automate penetration tests

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

🆕 The Multi-Tool Web Vulnerability Scanner.

PoC code from DEF CON 25 presentation

🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

A Virtual environment for Pentesting IoT Devices

Awesome Java Security Resources 🕶☕🔐

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Official Black Hat Arsenal Security Tools Repository

kernel privilege escalation enumeration and exploitation framework

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Web-based Source Code Vulnerability Scanner

Patch-level verification for Bundler

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

安全编排与自动化响应平台

ContainerSSH: Launch containers on demand

JAVA安全SDK及编码规范

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Collaborative malware analysis framework

Open source application to instantly remediate common security issues through the use of AWS Config

A curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Tool Information Gathering Write By Python.

Penetrum LLC opensource security tool list.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Security scanner coordinator

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Credentials catching honeypot

Search exposed EBS volumes for secrets

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

Simple script that checks a domain for email protections

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Web Scan Lazy Tools - Python Package

集漏洞验证和任务运行的一个框架

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Bifrost C2. Open-source post-exploitation using Discord API

Exploits developed by me.

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

一键提取安卓应用中可能存在的敏感信息。

Some exploits, which I’ve created during my OSCE preparation.

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Advisories, proof of concept files and exploits that have been made public by @pedrib.

🌒 Shell command obfuscation to avoid detection systems