2271 Open source projects that are alternatives of or similar to Snoop

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

OSINT Swiss Army Knife

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

A toolkit for Security Researchers

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Monitoring your Slack workspaces for sensitive information

Webshell Manager

E-mails, subdomains and names Harvester - OSINT

Related subdomains finder

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Data leak checker & OSINT Tool

Sifter aims to be a fully loaded Op Centre for Pentesters

Pentest: Subdomains enumeration tool for penetration testers.

🔑 Hash type identifier (CLI & lib)

Monitoring GitLab for sensitive data shared publicly

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

🖖 Fast, modern, easy-to-use network scanner

Monitoring GitHub for sensitive data shared publicly

Multi source CVE/exploit parser.

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A list of useful payloads for Web Application Security and Pentest/CTF

Framework для сбора данных из открытых источников. В Framework используется большое количество API, их необходимо зарегистрировать самому.​

🌒 Shell command obfuscation to avoid detection systems

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Hershell is a simple TCP reverse shell written in Go.

A Tool for Domain Flyovers

🔍 A Complete Osint Tool

Offensive tools as Dockerfiles. Lightweight & Ready to go

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

Selenium powered Python script to automate searching for vulnerable web apps.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf

Links for the OSINT Team

An advanced tool for email reconnaissance

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Information Gathering Instagram.

红蓝对抗跨平台远控工具

A curated list of awesome privilege escalation

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Zip Codes Validation and Parse.

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

Pentest Report Generator

Automatically Launch Google Hacking Queries Against A Target Domain

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Vulnerability Dashboard

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

Bloodhound for Blue and Purple Teams

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

👻Stowaway -- Multi-hop Proxy Tool for pentesters