637 Open source projects that are alternatives of or similar to Qsfuzz

Tutorials and Things to Do while Hunting Vulnerability.

Wazuh - The Open Source Security Platform

Yar is a tool for plunderin' organizations, users and/or repositories.

A python script that finds endpoints in JavaScript files

Automating XSS using Bash

Penetration tests guide based on OWASP including test cases, resources and examples.

OSS Vulnerability Scanner for Windows Platform

Command line tool for testing CRLF injection on a list of domains.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

PatrowlHears - Vulnerability Intelligence Center / Exploits

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

The Offensive Manual Web Application Penetration Testing Framework.

Awesome Vulnerable Applications

A Python3 based single-file subdomain enumerator

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

Random Tools for Bug Bounty

Poor (rich?) man's bug bounty pipeline

🐛 Malware Sinkhole List in various formats

Wazuh - Project documentation

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

🐞 Primitive Erlang Security Tool

Automated NoSQL database enumeration and web application exploitation tool.

Exploit Development, Reverse Engineering & Cryptography

Badges for your GitHub tool presented at InfoSec Conference

Wireshark Cheat Sheet

Bringing you the best of the worst files on the Internet.

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

cve-search - a tool to perform local searches for known vulnerabilities

A curated list of awesome social engineering resources.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Extract API keys from file or url using by magic of python and regex.

🔺 Red Team Hardware Toolkit 🔺

📡 A python program to create a fake AP and sniff data.

A note-taking macOS app for penetration-testers.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A tool to check a bunch of URLs that contain reflecting params.

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

internet monitoring osint telegram bot for windows

A fast http and https prober, to check which URLs are alive

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

DNS-Discovery is a multithreaded subdomain bruteforcer.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Tool for catching and logging different types of requests.

Repositório com conteúdo sobre web hacking em português

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Security Tool to Look For Interesting Files in S3 Buckets

OWASP Honeypot, Automated Deception Framework.

Python script to hunt phishing kits

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

An ongoing list of virtual cybersecurity conferences.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

🔐 Security advisories as a simple composer exclusion list, updated daily

Find leaked emails with your passwords