1019 Open source projects that are alternatives of or similar to Vsaudit

安全总是无处不在...

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

🏆 Feature packed, easy-to-use game server API for Go back-ends and Javascript clients. Tutorials and examples included!

@viva_las_venus -- This project is to learn, teach and awareness about privacy and security in the digital life, to build a better, more open and more inclusive world together!

Security scanner coordinator

Documentation:

Simple script that checks a domain for email protections

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Scripts I use during pentest engagements.

A repository of sysmon configuration modules

Learning Penetration Testing of Android Applications

Dark Web OSINT Tool

开源的即时通讯(野火IM)系统

iOS CallKit framework and Android ConnectionService for React Native

A command line security audit tool for Amazon Web Services

NodeJS Simple Network Scanner

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Tools to automate and/or expedite response.

Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/

Generalized proof of concept tool which can be used for drop-in bruteforce protection when needed.

baresip library based SIP client for Android

A security monitoring solution for Kubernetes

SSH man-in-the-middle tool

Penetration Testing Platform

Python low-interaction honeyclient

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

Post-Exploitation Framework

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Collection of tips, tools and tutorials around infosec

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Semi-automatic OSINT framework and package manager

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

A set of recipes useful in pentesting and red teaming scenarios

Performing security tests inside your CI

The Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing confidence and trust among the national Computer Security Incident Response Teams (CSIRTs) of the Member States and for promoting swift and effective operational cooperation.

The SpecterOps project management and reporting engine

Automated Cyber Offense

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

An advanced tool for email reconnaissance

A checklist for staying safe on the internet

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

A curated list of awesome OSCP resources

🐞 Primitive Erlang Security Tool

Python Books for Security

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Check read, write permissions on S3 buckets in your account

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Collection of the most common vulnerabilities found in iOS applications

Detect hidden files and text in images

📞 Giggle Jingle library for XMPP, implementation of XEP-0166.

Find exploit tool

Enumeration sub domains(枚举子域名)

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies