356 Open source projects that are alternatives of or similar to safelog4j

Fast and customizable vulnerability scanner based on simple YAML based DSL.

CMS auto detect and exploit.

AWVS12 最新版本12.0.190902105_x64

A python tool to check subdomain takeover vulnerability

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Libellux: Up & Running provides documentation on how-to install open-source software from source. The focus is Zero Trust Network to enhance the security for existing applications or install tools to detect and prevent threats.

Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.

A typical search engine dork scanner scrapes search engines with dorks that you provide in order to find vulnerable URLs.

Host Header Injection Scanner

Enables scanning of docker builds in Jenkins for OS package vulnerabilities.

OWASP Zed Attack Proxy project landing page.

Automated Adversary Emulation Platform

Fuzz your Rust code with Google-developed Honggfuzz !

Awesome Java Security Resources 🕶☕🔐

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

memory search and patch tool on debuggable apk without root & ndk

Custom memory allocator that helps discover reads from uninitialized memory

Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki

Metasploit Cheat Sheet 💣

This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

android proxy setting tool

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Ready to use images of Zap and Glue, especially for CI integration.

Awesome Python Security resources 🕶🐍🔐

Hacking Toolkit

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Web application vulnerability scanner

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

🔎 shodansploit > v1.3.0

Awesome .NET Security Resources

🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

A friendly car security exploration tool for the CAN bus

secureCodeBox (SCB) - continuous secure delivery out of the box

NERVE Continuous Vulnerability Scanner

PHP Security Check List [ EN ] 🌋 ☣️

SIde-Channel Analysis toolKit: embedded security evaluation tools

Automated XSS Finder

All that is required to run MobSF in the ci

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

🎩 [penetration testing Book], Kali Magic, Cryptography, Hash Crack, Botnet, Rootkit, Malware, Spyware, Python, Go, C|EH.

WireBug is a toolset for Voice-over-IP penetration testing

My AI security testing projects

Advanced Pure-Python Keylogger

a useful utility for android app security testing

Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.

Gets in the way of your victim's traffic and out of yours

Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.

log4j2 remote code execution or IP leakage exploit (with examples)

Log4j jndi injection fuzz tool

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).