1221 Open source projects that are alternatives of or similar to Webhashcat

World's fastest and most advanced password recovery utility

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

A REST API security testing framework.

Wordlist, rules and masks from Kaonashi project (RootedCON 2019)

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

hydra

HostHunter a recon tool for discovering hostnames using OSINT techniques.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

A set of recipes useful in pentesting and red teaming scenarios

无状态子域名爆破工具

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Common password pattern generator using strings list

EmbedOS - Embedded security testing virtual machine

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A Central Control Plane for AWS Permissions and Access

Native Android SDK for Amplitude

Study Notes For Web Hacking / Web安全学习笔记

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Collection of PowerShell network security scripts for system administrators.

The ultimate WinRM shell for hacking/pentesting

Official PHP client for the Keen IO API. Build analytics features directly into your PHP apps.

Play detective on Reddit: Discover political disinformation campaigns, secret influencers and more

An encrypted data analytics platform

Hyuga 一个用来记录DNS查询和HTTP请求的监控工具。

Google Analytics plugin for Vue

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

.NET for Apache® Spark™ makes Apache Spark™ easily accessible to .NET developers.

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

A Cloudflare resolver that works

Windows one line commands that make life easier, shortcuts and command line fu.

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

Red Teaming Tactics and Techniques

A simple dns resolver of dns-record and web-record log server for pentesting

Python network worm that spreads on the local network and gives the attacker control of these machines.

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

For all your network pentesting needs

The ToroDB solution to provide better analytics on top of MongoDB and make it easier to migrate from MongoDB to SQL

The full story of the CLR implementation of Meterpreter

🐾 A simple registration attribution tracking solution for Laravel (UTM Parameters and Referrers)

Add a GDPR-friendly Google Analytics opt-in/opt-out button to your site

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

NodeJS package for iTunes Connect app analytics API

A collection of useful scripts for Cobalt Strike

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

R package to access Adobe Analytics Reporting API v1.4

Custom memory allocator that helps discover reads from uninitialized memory