831 Open source projects that are alternatives of or similar to Socialfish

The Last Web Recon Tool You'll Need

my oscp prep collection

Python network tool, similar to Netcat with custom features.

A Hashcat wrapper for distributed hashcracking

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Advanced Phishing tool for Linux & Termux

Username enumeration and password spraying tool aimed at Microsoft O365.

Semi-automatic OSINT framework and package manager

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Interactive Network Scanner

small python3 tool to check common vulnerabilities in SMTP servers

Real-time 3D visualization of space.

Encoder to bypass WAF filters using XOR operations

Collection of quality safety articles. Awesome articles.

Relational database brute force and post exploitation tool for MySQL and MSSQL

Domain name permutation engine written in Go

Scala and Akka for kids. A Functional Programming approach for the well known LOGO.

Fast browser-based network discovery module

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Course on topology in condensed matter

A list of resources for those interested in getting started in bug bounties

A collection of public offensive and defensive security related scripts for InfoSec students.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

被动式漏洞扫描系统

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A unified console to perform the "kill chain" stages of attacks.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

A container repository for my public web hacks!

Reverse proxies cheatsheet

Know the dangers of credential reuse attacks.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

Learn the GitHub workflow by contributing code in a fun simulation project

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Automatic SSRF fuzzer and exploitation tool

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

A tool to hunt for publicly accessible DigitalOcean Spaces

Find exploits in local and online databases instantly

Find phishing kits which use your brand/organization's files and image.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Tool designed for performing various social engineering attacks, for phishing.

For all your network pentesting needs

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

A list to discover work of red team tooling and methodology for penetration testing and security assessment

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Machine learning to classify Malicious (Spam)/Benign URL's

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

[POC] Asynchronous reverse shell using the HTTP protocol.

A simple tool for interacting with OWASP ZAP from the commandline.

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

Keep track of all current ethereum scams in a large database

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters