794 Open source projects that are alternatives of or similar to Rfd Checker

Pentest/BugBounty progress control with scanning modules

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Selenium powered Python script to automate searching for vulnerable web apps.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

Secret and/ credential patterns used for gf.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Scan for open AWS S3 buckets and dump the contents

An OSINT tool to find contacts in order to report security vulnerabilities.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Awesome Node.js Security resources

Vulnerability Dashboard

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

A curated list of awesome infosec courses and training resources.

Tool for catching and logging different types of requests.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

🖖 Fast, modern, easy-to-use network scanner

Webshell Manager

Multi source CVE/exploit parser.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Intelligence tool but without API key

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Pentest Report Generator

Hershell is a simple TCP reverse shell written in Go.

🌒 Shell command obfuscation to avoid detection systems

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Framework for rapid development and reusable of security tools

🔑 Hash type identifier (CLI & lib)

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

This document proposes a way of standardising the structure, language, and grammar used in security policies.

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

goverview - Get an overview of the list of URLs

An automated approach to performing recon for bug bounty hunting and penetration testing.

OSINT Swiss Army Knife

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

Gospider - Fast web spider written in Go

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Burp Suite extension to passively scan for applications revealing server error messages

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

Mining parameters from dark corners of Web Archives

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

👥😈 Infect a pc with badusb and establish a connection through telegram.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

All about bug bounty (bypasses, payloads, and etc)

pentest framework

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab

A list of resources for those interested in getting started in bug bounties

Burp extension to passively scan for applications revealing software version numbers

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!