1546 Open source projects that are alternatives of or similar to Pwndoc

Dradis Framework: Colllaboration and reporting for IT Security teams

Multi source CVE/exploit parser.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

A curated list of awesome infosec courses and training resources.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Hacking Toolkit

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

A Tool for Domain Flyovers

Misc. Public Reports of Penetration Testing and Security Audits.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Web Application Security Scanner Framework

Idiomatic nmap library for go developers

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

🔐 Docker Container for Penetration Testing & Security

Awesome Node.js Security resources

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Pentest: Subdomains enumeration tool for penetration testers.

🌒 Shell command obfuscation to avoid detection systems

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Argus Advanced Remote & Local Keylogger For macOS and Windows

A collection of resources I'm using while working toward the OSCP

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Kali Live Build Scripts

The SpecterOps project management and reporting engine

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

🔑 Hash type identifier (CLI & lib)

Get GTFOBins info about a given exploit from the command line

Totally Insecure Web Application Project (TIWAP)

VOIP Security Audit Framework

SEC分布式资产扫描系统

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Collection of several DDos tools.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

渗透测试☞经验/思路/总结/想法/笔记

Common Web Managers Fuzz Wordlists

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Making CoreOS' Clair easily work in CI/CD pipelines

Offensive Reverse Shell (Cheat Sheet)

Multi OTP Spam Amp/Paralell threads

Yet Another PHP Shell - The most complete PHP reverse shell

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

Sifter aims to be a fully loaded Op Centre for Pentesters

List of every possible vulnerabilities in computer security.

A Golang implant that uses Slack as a command and control server

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

Selenium powered Python script to automate searching for vulnerable web apps.

SIP-Based Audit and Attack Tool

Certified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting

Subdomain enumeration through various techniques

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Next generation web scanner

Extract subdomains from SSL certificates in HTTPS sites.

Hacker101 CTF Writeup

OSINT Swiss Army Knife

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

An advanced tool for email reconnaissance