1044 Open source projects that are alternatives of or similar to Trigmap

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Infection Monkey - An automated pentest tool

Modern tactical exploitation toolkit.

Powerfull XSS Scanning and Parameter analysis tool&gem

RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Go-deliver is a payload delivery tool coded in Go.

Most usable tools for iOS penetration testing

🔨 A modern multiple reverse shell sessions manager wrote in go

XSHOCK Shellshock Exploit

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Common password pattern generator using strings list

Nmap - the Network Mapper. Github mirror of official SVN repository.

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Automated Red Team Infrastructure deployement using Docker

small python3 tool to check common vulnerabilities in SMTP servers

Automated Cyber Offense

Advanced Web Shell

A curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A tool to abuse Exchange services

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具，使用docker封装运行；使用oneforall自动遍历子域名并扫描；

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Collection of quality safety articles. Awesome articles.

The iOS Security Testing Framework

⚡️An awesome list of the best Termux hacking tools

Forward shell generation framework

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

Learning Penetration Testing of Android Applications

The New Hacking Framework

RedSnarf is a pen-testing / red-teaming tool for Windows environments

A swiss army knife for pentesting networks

WeirdAAL (AWS Attack Library)

mXtract - Memory Extractor & Analyzer

A collection of useful scripts for Cobalt Strike

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Notes for taking the OSCP in 2097. Read in book form on GitBook

Post-Exploitation Framework

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique

红队综合渗透框架

The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法，仅15行代码！

A container repository for my public web hacks!

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

Python Books for Security

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

☠️ The Pathwar Project ☠️

All MITM attacks in one place.