673 Open source projects that are alternatives of or similar to Tools Tbhm

Hunt down the secrets from the WebArchives for Fun and Profit

Curated List of Privacy Respecting Services and Software

Custom memory allocator that helps discover reads from uninitialized memory

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Exein core for Linux based firmware

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

OSS Vulnerability Scanner for Windows Platform

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Set of tools to audit SIP based VoIP Systems

A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools

The unofficial HackerOne disclosure Timeline

A binary analysis framework

Automating XSS using Bash

Collecting & Hunting for IOCs with gusto and style

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

An application to assist in the organization and prioritization of software security activities.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Collection of PowerShell network security scripts for system administrators.

outis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).

Android library to reveal or obfuscate strings and assets at runtime

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Tool made to automate tasks of pentesting.

protocol fuzzing toolkit

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

A JWT (JSON Web Token) Encoder & Decoder

Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Username enumeration and password spraying tool aimed at Microsoft O365.

Simplifying Seccomp enforcement in containerized or non-containerized apps

Common password pattern generator using strings list

Urls de-duplication tool for better recon.

Some of the best web shells that you might need!

End-To-End File & Message Encryption For Discord

🚀 Fast Port Scanner 🚀

Community curated list of templates for the nuclei engine to find security vulnerabilities.

A collection of public offensive and defensive security related scripts for InfoSec students.

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

OSSSM (awesome). Open source short-term secure messaging

🎯 Server Side Template Injection Payloads

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

A PowerShell armoury for penetration testers or other random security guys

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Webshell Manager

Awesome Golang Security resources 🕶🔐

Poor (rich?) man's bug bounty pipeline

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A tool to test security of json web token

Adversary Simulation Framework

Telling tales on you for leaking secrets!

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

VOIP Security Audit Framework

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.