694 Open source projects that are alternatives of or similar to Swiftness

The unofficial HackerOne disclosure Timeline

Work in progress firewall for Linux syscalls, written in Rust

Secret and/ credential patterns used for gf.

Passive Security Scanner (被动式安全扫描器)

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

A big list of Android Hackerone disclosed reports and other resources.

Micro-framework for rapid development of reusable security tools

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

🎖safely* install packages with npm or yarn by auditing them as part of your install process

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

Tool to predict attacker groups from the techniques and software used

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Infection Monkey - An automated pentest tool

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Security Tool to Look For Interesting Files in S3 Buckets

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Attack surface mapping

Advanced Netstat Using Python For Windows

Attack Surface Management Platform | Sn1perSecurity LLC

A binary analysis framework

Top disclosed reports from HackerOne

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

Security scanner coordinator

Command line tool for testing CRLF injection on a list of domains.

Simple script that checks a domain for email protections

websocket-connection-smuggler

Read local Chrome cookies without root or decrypting

EmbedOS - Embedded security testing virtual machine

An ncurses-based Tox client (please make pull requests on the development fork: https://github.com/toktok/toxic)

Hacking tools

It's a simple tool for test vulnerability shellshock

Powerfull XSS Scanning and Parameter analysis tool&gem

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

A Python3 based single-file subdomain enumerator

Public append-only ledger microservice built with Slim Framework

Find web directories without bruteforce

Intelligence tool but without API key

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

DeimosC2 is a Golang command and control framework for post-exploitation.

Openwrt 18.06.5 featured with the Exein's security framework

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

A Machine Learning approach for classifying a file as Malicious or Legitimate

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

A JWT (JSON Web Token) Encoder & Decoder

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

The clever vulnerability dependency finder

kube-scan: Octarine k8s cluster risk assessment tool

Linux命令转发记录

Making Favicon.ico based Recon Great again !

Most usable tools for iOS penetration testing

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Android Mobile Device Hardening

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)