1674 Open source projects that are alternatives of or similar to Rapidscan

A note-taking macOS app for penetration-testers.

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Command line tool that allows you to explore IoT devices by using Shodan API.

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

A Docker container for remote penetration testing.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

List of every possible vulnerabilities in computer security.

Remote command execution vulnerability scanner for Log4j.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

OWASP Joomla Vulnerability Scanner Project

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

A vulnerability scanner for container images and filesystems

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Information gathering tool - OSINT

A light-weight password manager with a focus on simplicity and security

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Solhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Transparent proxy through Tor for Kali Linux OS

Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)

⚡️An awesome list of the best Termux hacking tools

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Open Source Tripwire®

An Active Defense and EDR software to empower Blue Teams

Hardening Ubuntu. Systemd edition.

Web Application Security Scanner

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.

Awesome Ruby Security resources

(l)user hunter using WinAPI calls only

USB Rubber Ducky type scripts written for the DigiSpark.

🔨 Manage your website via terminal

A fast tool to scan CRLF vulnerability written in Go

A Python Tool For google Hacking

Advanced reconnaissance utility

A collection of awesome security hardening guides, tools and other resources

OSINT Tool: Generate username lists for companies on LinkedIn

w3af: web application attack and audit framework, the open source web vulnerability scanner.

The New Hacking Framework

👻Impost3r -- A linux password thief

A free utility that finds malware, adware and other security threats

👻Stowaway -- Multi-hop Proxy Tool for pentesters

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

.git 泄漏利用工具，可还原历史版本

Snyk's public vulnerability database

OSS-Fuzz - continuous fuzzing for open source software.

Awesome Python Security resources 🕶🐍🔐

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

mXtract - Memory Extractor & Analyzer

高效强大扫描分析iOS和Android项目里没有使用的类Mac开源工具，清理项目垃圾类，让项目结构干净清爽，升级维护得心应手. Efficient and powerful scanning analysis iOS and Android project no classes used in Mac open source tools, cleaning rubbish class project, make project structure clean and relaxed, upgrade maintenance