1146 Open source projects that are alternatives of or similar to Vailyn

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Handbook of information collection for penetration testing and src

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Application and Service Fingerprinting

Fast web fuzzer written in Go

Web漏洞演练平台

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders

Work in progress...

online port scan scraper

Credential stuffing engine built for security professionals

Automatically Launch Google Hacking Queries Against A Target Domain

Subaru StarLink persistent root code execution.

A social experiment

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

wide range mass audit toolkit

Intelligence tool but without API key

Miscellaneous exploit code

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

DNS Rebinding Exploitation Framework

Quickly analyze and reverse engineer Android packages

Fast Modular Web Interfaces Bruteforcer

Tools for Hacking

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Exploit pack for pentesters and ethical hackers.

Pentest Report Generator

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

A collection of pwn/CTF related utilities for Ghidra

A container analysis and exploitation tool for pentesters and engineers.

A curated list of awesome privilege escalation

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Wazuh - Chef cookbooks

hacker, ready for more of our story ! 🚀

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Notes about attacking Jenkins servers

Extract endpoints from APK files

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

网络安全学习资料，欢迎补充

Collection of tips, tools and tutorials around infosec

Redis(<=5.0.5) RCE

Simple multi threaded tool to extract domain related data from commoncrawl.org

The SpecterOps project management and reporting engine

A default credential scanner.

A Golang implant that uses Slack as a command and control server

XSHOCK Shellshock Exploit

SQL Vulnerability Scanner

An advanced tool for email reconnaissance

ms17_010的批量扫描工具

network visualization & vulnerability management/reporting

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Burpsuite-Plugins-Usage

Automated Cyber Offense

Open-Source Ransomware As A Service for Linux, MacOS and Windows

🤖 The Modern Port Scanner 🤖

Find secrets and passwords in container images and file systems

Python 3.5+ DNS asynchronous brute force utility