137 Open source projects that are alternatives of or similar to Scant3r

A list of resources for those interested in getting started in bug bounties

JavaScript library for building web-based applications that employ secure multi-party computation (MPC).

HTTPS Frontend Hijack

Micro-framework for rapid development of reusable security tools

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

ASP.NET View State Decoder

DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities

bash scripting thing !

A Fast Broken Link Hijacker Tool written in Python

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Repositório com conteúdo sobre web hacking em português

List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Subdomain Takeover tool written in Go

🎯 RFI/LFI Payload List

A guided mutation-based fuzzer for ML-based Web Application Firewalls

Open IP cameras in IPv4

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

🛡️ Make your web services secure by default !

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Semi-automatic OSINT framework and package manager

Web path scanner

A web crawler (for bug hunting) that gathers more than you can imagine.

Source code for Hacker101.com - a free online web and mobile security class.

Collection of quality safety articles. Awesome articles.

👨‍🏫 Mike's Web Security Course

A container repository for my public web hacks!

CS 253 Web Security course at Stanford University

A curated list of various bug bounty tools

Hawkeye filesystem analysis tool

Awesome Node.js Security resources

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

HTTP Cache Poisoning Demo

Runs the default Google Lighthouse tests with additional security tests

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Vulnerability Database | huntr.dev

A python script designed to check if the website if vulnerable of clickjacking and create a poc

Tools, data, and contact lists relevant to The disclose.io Project.

A Router WiFi key recovery/cracking tool with a twist.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Simple Server Side Request Forgery services enumeration tool.

Security Testing Scripts for JWT

This challenge is Inon Shkedy's 31 days API Security Tips.

A permutation generation tool written in golang

PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Human and machine readable web vulnerability testing format

A cross-platform note-taking & target-tracking app for penetration testers.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Python library and CLI for the Bug Bounty Recon API

Collection of Facebook Bug Bounty Writeups

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Awesome Object Capabilities and Capability Security

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

A collection of various awesome lists for hackers, pentesters and security researchers