1586 Open source projects that are alternatives of or similar to Vajra

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

hacker, ready for more of our story ! 🚀

Social media hunter

A python tool to check subdomain takeover vulnerability

HOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server

Ruby on Rails Phishing Framework

Powerfull XSS Scanning and Parameter analysis tool&gem

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

🔎 Find usernames and download their data across social media.

Advanced Reconnaissance tool to enumerate attacking surface of the target.

A Fast Broken Link Hijacker Tool written in Python

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Email recon made fast and easy, with a framework to build on

🔎 Find usernames across social networks

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

Credentials Checking Framework

🖖 Fast, modern, easy-to-use network scanner

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Docker image for osint

findCDN is a tool created to help accurately identify what CDN a domain is using.

Unofficial WhatCMS API package

pentest framework

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

A simple keylogger for Windows, Linux and Mac

XSHOCK Shellshock Exploit

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

🔪 Leak git repositories from misconfigured websites

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more

List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

The best Hacking and PenTesting tools installer on the world

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Linux enumeration tool for pentesting and CTFs with verbosity levels

💀 A bash hacking and scanning framework.

Simple Python tool to check if there is an Office 365 instance linked to a domain.

Nmap and NSE command line wrapper in the style of Metasploit

🔍 IRIS: An open-source intelligence framework

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Multi source CVE/exploit parser.

A list of resources for those interested in getting started in bug bounties

Python network worm that spreads on the local network and gives the attacker control of these machines.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Automated NoSQL database enumeration and web application exploitation tool.

web scanner - exploitation - information gathering

Repositório com conteúdo sobre web hacking em português

Gotanda is browser Web Extension for OSINT.

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

An information gathering tool to collect git commit emails in version control host services

信息收集 OR 信息搜集

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Gosint is a distributed asset information collection and vulnerability scanning platform

DorkScout - Golang tool to automate google dork scan against the entiere internet or specific targets

平常看到好的渗透hacking工具和多领域效率工具的集合