2043 Open source projects that are alternatives of or similar to Rengine

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Exploit Pack -The next generation exploit framework

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

A scanner for Moodle LMS

Simple multi threaded tool to extract domain related data from commoncrawl.org

massive SQL injection vulnerability scanner

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

online port scan scraper

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Windows one line commands that make life easier, shortcuts and command line fu.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

A curated list of awesome OSCP resources

The Last Web Recon Tool You'll Need

A fast GitHub stargazers information gathering tool

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Vagrant VirtualBox environment for conducting an internal network penetration test

Scan only once by IP address and reduce scan times with Nmap for large amounts of data.

Dump exposed HTTP .git fast

无状态子域名爆破工具

Striker is an offensive information and vulnerability scanner.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

Advanced and easy to use penetration testing framework 💣🔎

Gorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal

OnionSearch is a script that scrapes urls on different .onion search engines.

Burp extension to passively scan for applications revealing software version numbers

Infoga - Email OSINT

DNS Sub-domain brute forcer, in Python + gevent

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Rockyou for web fuzzing

AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.

Automated Penetration Testing Framework

Find web directories without bruteforce

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Paskto - Passive Web Scanner

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Burp Suite extension to passively scan for applications revealing server error messages

A collection of response templates for invalid bug bounty reports.

A fast http and https prober, to check which URLs are alive

Simple Server Side Request Forgery services enumeration tool.

Security Tool to Look For Interesting Files in S3 Buckets

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

It's a simple tool for test vulnerability shellshock

Reconnaissance Swiss Army Knife

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

Data leak checker & OSINT Tool

Awesome Vulnerable Applications

Sane command-line scan-to-pdf script on Linux with OCR and deskew support

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

A curated list of awesome social engineering resources.

Code from Blackhat Python book

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.