1674 Open source projects that are alternatives of or similar to Rapidscan

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

无状态子域名爆破工具

Designed to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion

Offensive Reverse Shell (Cheat Sheet)

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Advanced Web Browser Fingerprinting

bingip2hosts is a Bing.com web scraper that discovers websites by IP address

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Qualys sslabs-scan utility in a tiny docker image

A Tool for Domain Flyovers

This script will you help to find the information about the website and to help in penetrating testing

🎩 [penetration testing Book], Kali Magic, Cryptography, Hash Crack, Botnet, Rootkit, Malware, Spyware, Python, Go, C|EH.

Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated using Sublist3r.

This Script will help you to gather information about your victim or friend.

Libellux: Up & Running provides documentation on how-to install open-source software from source. The focus is Zero Trust Network to enhance the security for existing applications or install tools to detect and prevent threats.

🚀 Fast Port Scanner 🚀

A note-taking macOS app for penetration-testers.

Web Recon & Exploitation Tool.

C2/post-exploitation framework

Kubernetes Native, Runtime Container Image Scanning

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

List of every possible vulnerabilities in computer security.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Remote command execution vulnerability scanner for Log4j.

A Docker container for remote penetration testing.

Tool Information Gathering Write By Python.

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Find cloud assets that no one wants exposed 🔎 ☁️

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Official Black Hat Arsenal Security Tools Repository

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Kubernetes RBAC static Analysis & visualisation tool

Top 100 Hacking & Security E-Books (Free Download)

Cameradar hacks its way into RTSP videosurveillance cameras

This repository created for personal use and added tools from my latest blog post.

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Free Security and Hacking eBooks

A tool for identifying misconfigured CloudFront domains

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

⛔️ offsec batteries included

Code from my old page ge.mine.nu

Exploits and Security Tools Framework 2.0.1

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)

python3批量poc检测工具

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Command line tool that allows you to explore IoT devices by using Shodan API.

Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..

Automatic Enumeration Tool based in Open Source tools

Security scanner coordinator