639 Open source projects that are alternatives of or similar to Scout

Web path scanner

Fast web fuzzer written in Go

This repository contains full code examples from the book Gray Hat C#

Web Pentesting Fuzz 字典,一个就够了。

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

web-based OSINT and reconaissance toolkit

URL shortener web application based on the Laravel PHP Framework.

🔗 Immutable, Pythonic, correct URLs.

A library for managing state through query parameters in the URL in React

The Leading Security Assessment Framework for Android.

Rockyou for web fuzzing

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Awesome Nmap Grep

AWS Identity and Access Management Visualizer and Anomaly Finder

Windows NT x64 syscall fuzzer

Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具

A backdoor with a multitude of features.

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

coverage guided fuzz testing for java

Automated All-in-One OS Command Injection Exploitation Tool.

A tool to fastly get all javascript sources/files

gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

AFL-based fuzz testing for .NET

Penetration testing and auditing toolkit for Android apps.

Organize and send HTTP requests from Emacs

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Fuzz your Rust code with Google-developed Honggfuzz !

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Hawkeye filesystem analysis tool

A Virtual environment for Pentesting IoT Devices

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

uri type for PostgreSQL

Multi protocol support for handling remote files like local ones in Visual Studio Code.

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

An automated e-mail OSINT tool

Cameradar hacks its way into RTSP videosurveillance cameras

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Vagrant VirtualBox environment for conducting an internal network penetration test

Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.

Коннектор: удобный HTTP-клиент для 1С:Предприятие 8

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

A simple wrapper for C# tools

A tiny, secure, URL-friendly, unique string ID generator for Rust

Simple scala library for building and parsing URIs

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Advanced yet easy to use escaping library for Java

Phishing Tool & Information Collector

PHP function tracker

Evaluate the security of S3 buckets

Generates malicious LNK file payloads for data exfiltration

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

The all-in-one Red Team extension for Web Pentester 🛠

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

Semantics-aware Code Generation for Finding JS engine Vulnerabilities

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

Code from Blackhat Python book

Enumerate and decrypt TeamViewer credentials from Windows registry