729 Open source projects that are alternatives of or similar to Subscraper

Open Redirect Payloads

CVE-2016-8610 (SSL Death Alert) PoC

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

备考 OSCP 的各种干货资料/渗透测试干货资料

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

Common Web Managers Fuzz Wordlists

Extract subdomains from SSL certificates in HTTPS sites.

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Set of tools to audit SIP based VoIP Systems

XSS'OR - Hack with JavaScript.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Next generation web scanner

Web Recon & Exploitation Tool.

A Golang implant that uses Slack as a command and control server

network reconnaissance toolkit

A curated list of awesome infosec courses and training resources.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

generates weak passwords based on current date

The LAZY script will make your life easier, and of course faster.

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Burp Suite extension to passively scan for applications revealing server error messages

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Penetration Testing Platform

Attack Surface Management Platform | Sn1perSecurity LLC

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

It's a Docker Environment for pentesting which having all the required tool for VAPT.

A fast web directory/file enumeration tool written in Rust

Penetration test Achieve Knowledge Unite Rapid Interface

Pentesting suite for Maltego based on data in a Metasploit database

Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.

Penetration tests guide based on OWASP including test cases, resources and examples.

Argus Advanced Remote & Local Keylogger For macOS and Windows

Cheat-Sheet of tools for penetration testing

Automated Pentest Tools Designed For Parrot Linux

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Collection of the cheat sheets useful for pentesting

Tool to communicate with RPC services and check misconfigurations on NFS shares

🌒 Shell command obfuscation to avoid detection systems

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Go library for credentials recovery

🔑 Hash type identifier (CLI & lib)

A tool for generating reverse shell payloads on the fly.

A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Overlord - Red Teaming Infrastructure Automation

OneForAll是一款功能强大的子域收集工具

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.