1586 Open source projects that are alternatives of or similar to Vajra

Incredibly fast crawler designed for OSINT.

Web Application Security Scanner Framework

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.

A toolkit for Security Researchers

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

CMS Detection and Exploit Kit based on Whatcms.org API

retrieve information via O365 with a valid cred

The linux choice collection tools

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Paskto - Passive Web Scanner

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

List of Awesome Asset Discovery Resources

OnionSearch is a script that scrapes urls on different .onion search engines.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

Information Gathering Instagram.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Yet Another PHP Shell - The most complete PHP reverse shell

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Burp Suite extension to discover assets from HTTP response.

Discover internet-wide misconfigurations while drinking coffee

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Automated network asset, email, and social media profile discovery and cataloguing.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

A passive subdomain finder

A REST API security testing framework.

Tool to automate common OSINT tasks

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

🎯 XML External Entity (XXE) Injection Payload List

Simple multi threaded tool to extract domain related data from commoncrawl.org

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Dark Web OSINT Tool

A fast GitHub stargazers information gathering tool

Extracting URLs of a specific target based on the results of "commoncrawl.org"

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

🔎 Find usernames and download their data across social media.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

locate and attack Lync/Skype for Business

This tool gives information about the phone number that you entered.

Social media hunter

Advanced Reconnaissance tool to enumerate attacking surface of the target.

Docker image for osint

(deprecated) Android application vulnerability analysis and Android pentest tool

Selenium powered Python script to automate searching for vulnerable web apps.

Unofficial WhatCMS API package

🖖 Fast, modern, easy-to-use network scanner

findCDN is a tool created to help accurately identify what CDN a domain is using.

Gosint is a distributed asset information collection and vulnerability scanning platform

💀 A bash hacking and scanning framework.

Simple Python tool to check if there is an Office 365 instance linked to a domain.

TIGMINT: OSINT (Open Source Intelligence) GUI software framework