1044 Open source projects that are alternatives of or similar to Trigmap

A tool for fuzzing for ports that allow outgoing connections

The best Hacking and PenTesting tools installer on the world

Parse nmap scan data with Perl (official repo)

A cross-platform note-taking & target-tracking app for penetration testers.

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

A Nmap XSL implementation with Bootstrap.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Web Application Security Scanner

nray distributed port scanner

Wiegand data logger, replay device and micro door-controller

(l)user hunter using WinAPI calls only

🔨 Manage your website via terminal

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

collector for XDR and security posture service

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Subdomain Takeover tool written in Go

./kumasia php simple backdoor

Content for hackingthe.cloud

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

Wireshark Cheat Sheet

Automated Penetration Testing Framework

My own OSCP guide

📱 objection - runtime mobile exploration

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

🥀 Search Engine Tookit，URL采集、Favicon哈希值查找真实IP、子域名查找

🔥 A powerful MongoDB auditing and pentesting tool 🔥

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

Abusing Impersonation Privileges on Windows 10 and Server 2019

Automated tool for WiFi hacking.

A collection of manifests that will create pods with elevated privileges.

Find web directories without bruteforce

WebMap-Nmap Web Dashboard and Reporting

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

A Powerful Subdomain Takeover Tool

Rapid diagnostic system status tool (performance monitoring, network scanning, mysql performance monitoring, kubectl status)

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

Generate Gmail Emailing Keyloggers to Windows.

Pentest Lab on OpenStack with Heat, Chef provisioning and Docker

Adds a customizable "Send to..."-context-menu to your BurpSuite.

foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV

无状态子域名爆破工具

a fast domain brute tool

Work in progress...

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

fast TCP banner grabbing with node.js

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

swiss army knife for hackers

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Single-file PHP shell

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.