918 Open source projects that are alternatives of or similar to Silentbridge

OSINT Tool: Generate username lists for companies on LinkedIn

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

🔪 Leak git repositories from misconfigured websites

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

A web front-end for password cracking and analytics

Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion

Automated Security Testing For REST API's

备考 OSCP 的各种干货资料/渗透测试干货资料

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Code from Blackhat Python book

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

hydra

Generates malicious LNK file payloads for data exfiltration

The LAZY script will make your life easier, and of course faster.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

PENIOT: Penetration Testing Tool for IoT

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

List of every possible vulnerabilities in computer security.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

A pentesting tool inspired by mr robot and derived by zphisher

Study Notes For Web Hacking / Web安全学习笔记

Command line tool that allows you to explore IoT devices by using Shodan API.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Next generation web scanner

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Sifter aims to be a fully loaded Op Centre for Pentesters

Handbook of information collection for penetration testing and src

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Useful tools and scripts during Penetration Testing engagements

Penetration Testing notes, resources and scripts

Steganography brute-force utility to uncover hidden data inside files

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

The Collective. A repo for a collection of red-team projects found mostly on Github.

A wrapper for Nmap to quickly run network scans

Linux enumeration tool for pentesting and CTFs with verbosity levels

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Backporting .NET and more: LINQ expressions in .net 2.0 - nuget Theraot.Core available.

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

A collection of useful scripts for Cobalt Strike

wooyun public information backup

Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Create custom bridge for AWS AppSync in Flutter

Centralize Vulnerability Assessment and Management for DevSecOps Team

Elasticsearch for Offensive Security

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

ping tunnel is a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.

A collection of hacking / penetration testing resources to make you better!

A two-way puppeted Matrix bridge for Apple iMessage / Messages

🔄 A collection of mitmproxy inline scripts

Don't let buffer overflows overflow your mind