870 Open source projects that are alternatives of or similar to Satansword

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

OSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)

a plenty of poc based on python

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

Browser fingerprinting library with the highest accuracy and stability.

FUNDED is a novel learning framework for building vulnerability detection models.

Identificador de Seguridad Web para Pentester

Next generation web scanner

a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust

Public append-only ledger microservice built with Slim Framework

aztarna, a footprinting tool for robots.

CVE-2020-8597 pppd buffer overflow poc

Python 3.5+ DNS asynchronous brute force utility

Blueborne CVE-2017-1000251 PoC for linux machines

Fuzzer for Linux Kernel Drivers

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Fast directory scanning and scraping tool

WPScan rewritten in Python + some WPSeku ideas

Golang security checker

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Vulners Python API wrapper

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Tools for inspecting disk images

Some personal exploits/pocs

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

CVE-2020-0796 Pre-Auth POC

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

wifi attacks suite

A Deep Graph-based Toolbox for Fraud Detection

Wazuh - Tools for packages creation

poc or exp of android vulnerability

A demo for the no-JavaScript fingerprinting article

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Attack surface mapping

Advanced file format fuzzer based-on deep neural language models.

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

Browser extension to spoof timezone, geolocation, locale and user agent.

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

The knife of the Admin & Security auditor

DeimosC2 is a Golang command and control framework for post-exploitation.

Task Hijacking in Android (somebody call it also StrandHogg vulnerability)

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

A simple program written in bash that contains basic Linux network tools, information gathering tools and scanning tools.

Open Redirect Payloads

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

🚀 Evaluation of Location of the device using RSSI values of Access Points and Reference point which are made from Wi-Fi readings

Nmap and NSE command line wrapper in the style of Metasploit

a tool to analyze filesystem images for security

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Exploits for YARA 3.7.1 & 3.8.1