1060 Open source projects that are alternatives of or similar to SecurityExplained

Yet Another PHP Shell - The most complete PHP reverse shell

HostHunter a recon tool for discovering hostnames using OSINT techniques.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Awesome cloud enumerator

Hetty is an HTTP toolkit for security research.

Dump exposed HTTP .git fast

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A Powerful Subdomain Takeover Tool

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Subdomain Takeover tool written in Go

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

A python tool to check subdomain takeover vulnerability

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Web path scanner

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

A Python3 based single-file subdomain enumerator

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

A tool to fastly get all javascript sources/files

Automated All-in-One OS Command Injection Exploitation Tool.

Intelligence tool but without API key

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

A fast DOM based XSS vulnerability scanner with simplicity.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

OSINT

🦄🔒 Awesome list of secrets in environment variables 🖥️

Do some quick reconnaissance on a domain-based web-application

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Rockyou for web fuzzing

Extracting URLs of a specific target based on the results of "commoncrawl.org"

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Just a place where I can store demo projects for my technical articles.

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

End to End learning for Video Generation from Text

Roadmap for learning the C++ programming language for beginners and experienced devs.

Learning React contents with TypeScript (Hooks, Redux)

Simple image classifier microservice using tensorflow and sanic

BugBounty Tool

A Tool for Domain Flyovers

Guilds de OSW

👓 Awesome Gamified - See your progress and save awesome links you've already seen!

anewer appends lines from stdin to a file if they don't already exist in the file. This is a rust version of https://github.com/tomnomnom/anew

A repo containing real life frontend challenges which you can use to practice frontend!

XSS in pastebin.com and reddit.com via unsanitized markdown output

One-click installer for Frida and Burp certs for SSL Pinning bypass

An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.

Reconness Agents Script

An efficient multi-threaded DNS resolver validator

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows