2472 Open source projects that are alternatives of or similar to Security Tools

My own OSCP guide

This document proposes a way of standardising the structure, language, and grammar used in security policies.

Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations

🚩 CTF AWD framework

A Python Tool For google Hacking

Get GTFOBins info about a given exploit from the command line

Resumão da massa sobre Capture the Flag.

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

TomatoTools 一款CTF杂项利器，支持36种常见编码和密码算法的加密和解密，31种密文的分析和识别，支持自动提取flag，自定义插件等。

一个为渗透测试与CTF而制作的工具集，主要实现一些加解密的功能。

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

Framework for rapid development and reusable of security tools

A simple dns resolver of dns-record and web-record log server for pentesting

SEC分布式资产扫描系统

Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.

👻 A LAN dropbox chatbot controllable via Telegram

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Security challenges and CTFs created by the Penultimate team.

ImageStrike是一款用于CTF中图片隐写的综合利用工具

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

sub domain wild card filtering tool

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Your Google Recon is Now Automated

Extract subdomains from SSL certificates in HTTPS sites.

👻Impost3r -- A linux password thief

Nuubi Tools (Information-ghatering|Scanner|Recon.)

One-click installer for Frida and Burp certs for SSL Pinning bypass

This is a multi-use bash script for Linux systems to audit wireless networks.

Python library and CLI for the Bug Bounty Recon API

Very simple script(s) to hasten binary exploit creation

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title

XSS in pastebin.com and reddit.com via unsanitized markdown output

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Misc. Public Reports of Penetration Testing and Security Audits.

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

Writeups of CTF challenges

Black Hat Python workshop for Disobey 2019

安全编排与自动化响应平台

An automated e-mail OSINT tool

CMS Detection and Exploit Kit based on Whatcms.org API

OSINT Project

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

a Go code to detect leaks in JS files via regex patterns

hacker, ready for more of our story ! 🚀

Official Black Hat Arsenal Security Tools Repository

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

封装多种CTF和平时常见加密及编码C#类库

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

Command line tool that allows you to explore IoT devices by using Shodan API.

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

An automatic and lightweight web application scanning tool for CTF.

No description or website provided.

Do some quick reconnaissance on a domain-based web-application

CloudFlare Checker written in Go

All releases of the security research group (a.k.a. hackers) The Hacker's Choice