363 Open source projects that are alternatives of or similar to Searpy

Ingenic T10 IP camera crawler

OSINT Swiss Army Knife

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Open source all-in-one CLI tool to semi-automate pentesting.

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

shodan

Shodan.io connector for Phantom Cyber Security Orchestration

Powerful Shodan API client using RxJava and Retrofit

No description or website provided.

Custom security distro for remote penetration testing

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

scripts to setup pentesting system and use during pentest

Calculate fingerprints of a website for OSINT search

Kali Live Build Scripts

Pentest/BugBounty progress control with scanning modules

Bifrost C2. Open-source post-exploitation using Discord API

Shodan Port Scanner

A Java version of the SDK, based on the FOFA Pro API, makes it easy for Java developers to quickly integrate FOFA Pro into their projects.

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

nuclei framework scripts

根据多个不同地区进行聚合查询以获取更多 fofa 数据

Fast website scraper and wordlist generator

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Tool to communicate with RPC services and check misconfigurations on NFS shares

A collection of useful links for Pentesters

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.

Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.

My python3 implementation of a Forward Shell

useful pentest note

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

fofax is a command line query tool based on the API of https://fofa.info/, simple is the best!

一个简单实用的FOFA客户端 By flashine

ShodanCPP is a С++ library for accessing the Shodan API.

d(ockerp)wn - a docker pwn tool manager

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

Argus Advanced Remote & Local Keylogger For macOS and Windows

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

Gets in the way of your victim's traffic and out of yours

🌒 Shell command obfuscation to avoid detection systems

Cheat-Sheet of tools for penetration testing

Framework for rapid development and reusable of security tools

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

Suggests programs to run against services found during the enumeration phase of a Pentest

A web spider for shodan.io without using the Developer API.

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Scan for and exploit Consul agents

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

BloodHound Docker Ready to Use

Hacking Tools Z0172CK

🔑 Hash type identifier (CLI & lib)

A tool for generating reverse shell payloads on the fly.

Turn your VPS into an attack box

Python AV Evasion Tools

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

VNC pentest tool with bruteforce and ducky script execution features