1044 Open source projects that are alternatives of or similar to Trigmap

Common Web Managers Fuzz Wordlists

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Exploit Pack -The next generation exploit framework

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

List of every possible vulnerabilities in computer security.

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Nmap and NSE command line wrapper in the style of Metasploit

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

parse nmap files

Command line tool that allows you to explore IoT devices by using Shodan API.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Selenium powered Python script to automate searching for vulnerable web apps.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

Awesome cloud enumerator

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Interactive Network Scanner

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

A fast web directory/file enumeration tool written in Rust

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Hacker101 CTF Writeup

unix SSH post-exploitation 1337 tool

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

ODAT: Oracle Database Attacking Tool

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Kali Live Build Scripts

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Penetration tests guide based on OWASP including test cases, resources and examples.

Penetration test Achieve Knowledge Unite Rapid Interface

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Steganography brute-force utility to uncover hidden data inside files

Find exploits in local and online databases instantly

Python3 tool to perform password spraying using RDP

A curated list of awesome privilege escalation

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Automation for internal Windows Penetrationtest / AD-Security

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Burp extension to passively scan for applications revealing software version numbers

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Burp Suite extension to passively scan for applications revealing server error messages

NetCat for Windows

Useful tools and scripts during Penetration Testing engagements

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Simple Karma Attack

Privilege Escalation Enumeration Script for Windows

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A collection of public offensive and defensive security related scripts for InfoSec students.

Study Notes For Web Hacking / Web安全学习笔记