343 Open source projects that are alternatives of or similar to reFlutter

Misc. Public Reports of Penetration Testing and Security Audits.

Simple vueJS based command generator which I developed in order to learn vueJS a little bit more.

The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.

Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations

🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline

Full Nuclei automation script with logic explanation.

🐰 Managing command snippets for hackers/bug bounty hunters. with pet.

This document proposes a way of standardising the structure, language, and grammar used in security policies.

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

A companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

Scan secrets from Continuous Integration Build Logs

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

PowerAuth Mobile SDK for adds capability for authentication and transaction signing into the mobile apps (ios, watchos, android).

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Swiftly search FDNS datasets from Rapid7 Open Data

GSM Assessment Toolkit - A security evaluation framework for GSM networks

Pentest/BugBounty progress control with scanning modules

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

BugBounty Tool

Extract endpoints marked as disallow in robots files to generate wordlists.

Domain availbility checker

Unleash the power of cloud

List of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland

Tool to bypass 40X response codes.

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

Boxer: A fast directory bruteforce tool written in Python with concurrency.

XSS in pastebin.com and reddit.com via unsanitized markdown output

Information Security Library

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

apkizer is a mass downloader for android applications for all available versions.

Yet Another PHP Shell - The most complete PHP reverse shell

Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.

The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Reconness Agents Script

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

Para pencari bug / celah kemanan bisa bergabung.

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Do some quick reconnaissance on a domain-based web-application

Send notifications on different channels such as Slack, Telegram, Discord etc.

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

An Extended, Modulair, Host Discovery Framework

Pentesting/Bugbounty Dockerfiles.

I built some bash functions to help me while doing mundane and repetitive tasks using BBRF, Nuclei or other Bug bounty tool.

log for articles and info in android for every developer

A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.

A Tool for Domain Flyovers

Nuubi Tools (Information-ghatering|Scanner|Recon.)

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Running nuclei Continuously

Security tool to quickly audit Public Box files and folders.

🦄🔒 Awesome list of secrets in environment variables 🖥️

Open Redirect scanner - (out of date)