888 Open source projects that are alternatives of or similar to Security Scripts

Open Repository for the Open Security and Privacy Reference Architecture

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A note-taking macOS app for penetration-testers.

Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters

🍿 The perfect Checklist Website for meticulous developers.

Pentesting suite for Maltego based on data in a Metasploit database

Explore Indicators of Compromise Automatically

Docker image to generate, renew, revoke RSA and/or ECDSA SSL certificates from LetsEncrypt CA using certbot and acme.sh clients in automated fashion

TLS implementation in pure python, focused on interoperability testing

A tiny NodeJS module to check SSL expiry 🔒

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

An OSINT Metadata analyzing tool that filters through tags and creates reports

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC examples are included

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

EternalView is an all in one basic information gathering and vulnerability assessment tool

Simple framework for TCP clients and servers. Focused on performance and usability.

asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统

wolfSSL (formerly CyaSSL) is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!

100% Open-Source Packet Capture Agent for HEP

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

ELK Stack Dockerfile

Scripts to gather system configuration information for offline/remote auditing

A binary analysis framework

SSL Certificate Manager UI for Windows, powered by Let's Encrypt. Download from certifytheweb.com

Custom memory allocator that helps discover reads from uninitialized memory

Tool for complete hardening of Linux boot chain with UEFI Secure Boot

Distributed filesystem scanner

Micro-framework for rapid development of reusable security tools

Auto IP or Domain Attack Tool ( #1 )

Linux命令转发记录

Awesome hacking is an awesome collection of hacking tools.

Security tool to trace URL's jumps across the rel links to obtain the last URL

OSS Vulnerability Scanner for Windows Platform

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Zabbix check SSL certificates

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Advanced Netstat Using Python For Windows

基于masscan和nmap的快速端口扫描和指纹识别工具，优化版本(获取标题，页面长度,过滤防火墙)

Discover Your Attack Surface!

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Application Layer DoS attack simulator

snopf USB password token

Index of websites publishing bugs along the lines of heartbleed.com

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

An Unsupervised Graph-based Toolbox for Fraud Detection

Elasticsearch for Offensive Security

Find web directories without bruteforce

Exploit management framework

Generate self-signed x.509 certificates for use with SSL/TLS

🔒 acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

📓 Reference guide for scanning networks with Nmap.

Forseti Security

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

Chromium с поддержкой алгоритмов ГОСТ

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e

This project includes a few examples on how to create different types of sockets using AndroidAsync. It includes examples for a TCP client/server, TCP client with SSL and UDP client/server.