613 Open source projects that are alternatives of or similar to Sqlite Lab

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Open-Source Ransomware As A Service for Linux, MacOS and Windows

A tool to hunt for publicly accessible DigitalOcean Spaces

🤖 The Modern Port Scanner 🤖

A Python SDK for Tufin Orchestration Suite

Python3 tool to perform password spraying using RDP

A container repository for my public web hacks!

Open Redirect Payloads

Privilege Escalation Enumeration Script for Windows

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

w3af: web application attack and audit framework, the open source web vulnerability scanner.

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

👻Impost3r -- A linux password thief

Fast Modular Web Interfaces Bruteforcer

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)

swiss army knife for hackers

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Cloud Security Posture Management (CSPM)

SSL and TLS protocol test suite and fuzzer

Find web directories without bruteforce

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Easy files and payloads delivery over DNS

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

👻 A LAN dropbox chatbot controllable via Telegram

DeepSea Phishing Gear

OSINT

Single-file PHP shell

Technical details that a programmer of a web application should consider before making the site public.

A tool to abuse Exchange services

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Dump exposed HTTP .git fast

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

mosquito - Automating reconnaissance and brute force attacks

Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Web Pentesting Fuzz 字典,一个就够了。

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

wide range mass audit toolkit

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

hydra

All-in-one tool for managing vulnerability reports from AppSec pipelines

🎖safely* install packages with npm or yarn by auditing them as part of your install process

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

🔥 A powerful MongoDB auditing and pentesting tool 🔥

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Our OSCP repo: from popping shells to mental health.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

OSINT Tool: Generate username lists for companies on LinkedIn