380 Open source projects that are alternatives of or similar to report-ng

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Pentest: Subdomains enumeration tool for penetration testers.

Modern alternative to dirbuster/dirb

Quick SQL Scanner, Dorker, Webshell injector PHP

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

The main SamuraiWTF collaborative distro repo.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Pentest environment deployer (kali linux + targets) using vagrant and chef.

Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

This program focuses on automating the download, installation and compilation of pentest tools from source

Identify technologies used on websites.

windows-kernel-exploits Windows平台提权漏洞集合

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

C2Hack, sharing tips and tricks for pentesters

A plugin that allows you execute python and get return to BurpSuite.

Powerfull XSS Scanning and Parameter analysis tool&gem

Security checks pack for Burp Suite

A stealthy Python based Windows backdoor that uses Github as a command and control server

No description or website provided.

Most usable tools for iOS penetration testing

基于BurpSuite的一款FOFA Pro 插件

SSRF (Server Side Request Forgery) testing resources

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

Automated Red Team Infrastructure deployement using Docker

An extensible application for penetration testers and software developers to decode/encode data into various formats.

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

C2/post-exploitation framework

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

burpsuite extension for extract information from data

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

InQL - A Burp Extension for GraphQL Security Testing

The ONLY hacker friendly proxy for webapp pentests.

Powerful plugins and add-ons for hackers

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Automated HTTP Request Repeating With Burp Suite

Vulnerability Recurrence:漏洞复现记录

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Apache Solr Injection Research

🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰

Vendor-Neutral Security Tool Automation Controller (over REST)

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

HaE - BurpSuite Highlighter and Extractor

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

myscan 被动扫描

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

Generate Payloads and Control Remote Machines. [Discontinued]

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

generates weak passwords based on current date

Common Web Managers Fuzz Wordlists

JSON JTree viewer for Burp Suite

common methods that used by my burp extension projects

RunasCs - Csharp and open version of windows builtin runas.exe

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks