1221 Open source projects that are alternatives of or similar to Webhashcat

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

A JWT (JSON Web Token) Encoder & Decoder

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

Python network worm that spreads on the local network and gives the attacker control of these machines.

🚀 Dashboards made easy in React JS.

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

The iOS Security Testing Framework

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Code Climate Engineering Data Platform

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

A Python3 based single-file subdomain enumerator

RedSnarf is a pen-testing / red-teaming tool for Windows environments

Add a GDPR-friendly Google Analytics opt-in/opt-out button to your site

Sample apps demonstrating the logic needed to implement SKAdNetwork as an ad network, publisher and advertiser.

Reverse Shell as a Service

Scripts to gather system configuration information for offline/remote auditing

Simplifying Seccomp enforcement in containerized or non-containerized apps

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

OSM Analytics lets you interactively analyze how specific OpenStreetMap features are mapped in a specific region.

The Swiss Army knife for automated Web Application Testing

Ransom0 is a open source ransomware made with Python, designed to find and encrypt user data.

Passive Security Scanner (被动式安全扫描器)

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

WhiteWinterWolf's PHP web shell

Type safety + intellisense for your Segment analytics

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

The analytical and reporting solution for MongoDB

The clever vulnerability dependency finder

Go-deliver is a payload delivery tool coded in Go.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Linux命令转发记录

Matomo integration for Kirby, in both your panel and templates. Kirby 3 only.

A weekly email update of all the most popular wikipedia articles

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

A declarative JavaScript library for application development using cloud services.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Simple Server Side Request Forgery services enumeration tool.

R package to access Adobe Analytics Reporting API v1.4

A .NET Standard library for pentesting web apps against credential stuffing attacks.

L&T Financial Services & Analytics Vidhya presents ‘DataScience FinHack’ organised by Analytics Vidhya

Custom memory allocator that helps discover reads from uninitialized memory

Tool to predict attacker groups from the techniques and software used

A framework for rapid reporting API development; with out of the box support for high cardinality dimension lookups with druid.

Streamr Core backend

An open-source time-series SQL database optimized for fast ingest and complex queries. Packaged as a PostgreSQL extension.

Empire HTTP(S) C2 redirector setup script

PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

Google Analytics API Symfony Bundle

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Modern, privacy-friendly, and detailed web analytics that works without cookies or JS.

A high-level machine learning and deep learning library for the PHP language.

Network protocol auditing framework

🐎 A simple UI for InfluxDB