420 Open source projects that are alternatives of or similar to Satellite

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Monitoring GitLab for sensitive data shared publicly

The Collective. A repo for a collection of red-team projects found mostly on Github.

Monitoring your Slack workspaces for sensitive information

Monitoring GitHub for sensitive data shared publicly

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

Functions that can be used to gain Reverse Shells with PowerShell

This repo will contain some basic pentest/RT commands.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Automated Adversary Emulation Platform

Dorothy is a tool to test security monitoring and detection for Okta environments

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

🦄🔒 Awesome list of secrets in environment variables 🖥️

A tool for generating reverse shell payloads on the fly.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

The all-in-one Red Team extension for Web Pentester 🛠

A place where I can create, collect and share tooling, resources and knowledge about information security.

Python library and CLI for the Bug Bounty Recon API

JavaScript library for building web-based applications that employ secure multi-party computation (MPC).

A Python library and command line tools to provide interactive log visualization.

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

Capturing, analysing and responding to cyber attacks

👺 A Backdoor For Apache HTTP Server Written in C

Let's track phishing kits to give to research community raw material to study !

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

WALKOFF-enabled applications. #nsacyber

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

🛡️ Make your web services secure by default !

Distributed malware processing framework based on Python, Redis and MinIO.

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

Wireshark Cheat Sheet

备考 OSCP 的各种干货资料/渗透测试干货资料

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Cloud Operations Sandbox is an open source tool that helps practitioners to learn Service Reliability Engineering practices from Google and apply them on their cloud services using Cloud Operations suite of tools.

A collection of useful scripts for Cobalt Strike

OWASP Honeypot, Automated Deception Framework.

Malware repository component for samples & static configuration with REST API interface.

Discover internet-wide misconfigurations while drinking coffee

Declaratively install and manage multiple Helm chart releases

Universal Operator Lifecycle Manager (OLM) for Kubernetes operators, and operators for traditional Linux and Windows apps, with declarative integration between operators for automated microservice integration.

internet monitoring osint telegram bot for windows

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

GUI based offensive penetration testing tool (Open Source)

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Advanced buffer overflow and memory corruption security challenges

An anti-ARP-spoofing application software that use active and passive scanning methods to detect and remove any ARP-spoofer from the network.

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

One way to continuously monitor sensitive information that could be exposed on Github

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.

MagicPad is an encryption suite for beginners. It is designed to be run standalone via the browser or executable (Electron).

Enine boyuna siber güvenlik

An ongoing list of virtual cybersecurity conferences.

A toolkit for Security Researchers