794 Open source projects that are alternatives of or similar to Rfd Checker

A Tool for Domain Flyovers

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Related subdomains finder

This challenge is Inon Shkedy's 31 days API Security Tips.

Misc. Public Reports of Penetration Testing and Security Audits.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Pentest: Subdomains enumeration tool for penetration testers.

Turn your VPS into an attack box

A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title

Yet Another PHP Shell - The most complete PHP reverse shell

Pentest/BugBounty progress control with scanning modules

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

XSS in pastebin.com and reddit.com via unsanitized markdown output

The fastest dork scanner written in Go.

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

🎯 XML External Entity (XXE) Injection Payload List

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

Selenium powered Python script to automate searching for vulnerable web apps.

A list of interesting payloads, tips and tricks for bug bounty hunters.

Extract subdomains from SSL certificates in HTTPS sites.

The Swiss Army knife for automated Web Application Testing

Intelligence tool but without API key

Hershell is a simple TCP reverse shell written in Go.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

渗透测试☞经验/思路/总结/想法/笔记

sub domain wild card filtering tool

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Framework for rapid development and reusable of security tools

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Automated Red Team Infrastructure deployement using Docker

A collection of response templates for invalid bug bounty reports.

An automated approach to performing recon for bug bounty hunting and penetration testing.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Awesome cloud enumerator

A fast DOM based XSS vulnerability scanner with simplicity.

Hetty is an HTTP toolkit for security research.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Pentest Report Generator

OSINT Swiss Army Knife

Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Most usable tools for iOS penetration testing

A curated list of awesome infosec courses and training resources.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

Web path scanner

Vulnerability Dashboard

A big list of Android Hackerone disclosed reports and other resources.

Multi Tool Subdomain Enumeration

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup