403 Open source projects that are alternatives of or similar to Umbrella

Automatic SSRF fuzzer and exploitation tool

Future Of Phishing With less delay

DeepSea Phishing Gear

Open source all-in-one CLI tool to semi-automate pentesting.

Machine learning to classify Malicious (Spam)/Benign URL's

Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.

A tool to test security of json web token

Penetration tests guide based on OWASP including test cases, resources and examples.

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Awesome Node.js Security resources

A Cloudflare resolver that works

Pop shells like a master.

Tool for catching and logging different types of requests.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Let's track phishing kits to give to research community raw material to study !

Script collection to bypass Network Access Control (NAC, 802.1x)

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]

nray distributed port scanner

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Find exploits in local and online databases instantly

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

scan for NTLM directories

☠️ The Pathwar Project ☠️

Keep track of all current ethereum scams in a large database

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

Find phishing kits which use your brand/organization's files and image.

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

PROFESSIONAL TOOL ORIENTED IN THE RECREATION OF PHISHING WEBSITES SCENARIOS

Phishing Tool for 18 social media: Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest

Set of tools to audit SIP based VoIP Systems

Burp Suite extension to passively scan for applications revealing server error messages

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Vulnerability Recurrence:漏洞复现记录

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Docker images for infosec tools

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Burp extension to passively scan for applications revealing software version numbers

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

Username enumeration and password spraying tool aimed at Microsoft O365.

Notes about attacking Jenkins servers

DLL Password Filter Implant with Exfiltration Capabilities

Monitor Certificate Transparency Logs For Phishing Domains

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

🔱 [ Phishing Made Easy ] 🔱 (In Beta)

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

light weight phishing framework with 18+ pages.

Collection of quality safety articles. Awesome articles.

Multiplatform payload dropper

Intelligence and Reconnaissance Package/Bundle installer.

Community-built scenarios for Wifiphisher