2615 Open source projects that are alternatives of or similar to Recsech

network reconnaissance toolkit

Sifter aims to be a fully loaded Op Centre for Pentesters

Set of tools to audit SIP based VoIP Systems

yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage

A tool to test security of json web token

Web Application Security Scanner Framework

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Hacking Toolkit

Automatic SQL injection with Charles and sqlmap api

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Web path scanner

A static analysis security vulnerability scanner for Ruby on Rails applications

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Open-Source Security Architecture | 开源安全架构

Semi-automatic OSINT framework and package manager

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

A simple tool for interacting with OWASP ZAP from the commandline.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A default credential scanner.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

无状态子域名爆破工具

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

An HTTP/HTTPS intercept proxy written in Go.

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

备考 OSCP 的各种干货资料/渗透测试干货资料

Discover Your Attack Surface!

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

List of Awesome Asset Discovery Resources

A Fast Broken Link Hijacker Tool written in Python

DNS Sub-domain brute forcer, in Python + gevent

GitHub Recon — and what you can achieve with it!

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

NebulousAD automated credential auditing tool.

pentest framework

Linux命令转发记录

A DNS reconnaissance tool for locating non-contiguous IP space.

Reconnaissance tool of Penetration test & Bug Bounty

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Security tool to trace URL's jumps across the rel links to obtain the last URL

It's a simple tool for test vulnerability shellshock

The Swiss Army knife for automated Web Application Testing

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

The request.bin of DNS request

👀 Some of my favorite OSINT tools.

Kali Linux 工具合集中文说明书

All-in-one tool for managing vulnerability reports from AppSec pipelines

Scripts to gather system configuration information for offline/remote auditing

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Infection vector that bypasses AV, IDS, and IPS. (For now...)

A Go implementation of dirsearch.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments