762 Open source projects that are alternatives of or similar to Webmap

Idiomatic nmap library for go developers

Monitoring your Slack workspaces for sensitive information

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Backend logic implementation for Vulnerability Management System

Gorsair hacks its way into remote docker containers that expose their APIs

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

🔑 Hash type identifier (CLI & lib)

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

A fully automatic wifi deauther coded in Python

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.

parse nmap files

Chepy is a python lib/cli equivalent of the awesome CyberChef tool.

Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack

🔐 Vulnerability remediation scoring system

Scripts and a (future) library to improve users' interactions with the ATT&CK content

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

Writeups for infosec Capture the Flag events by team Galaxians

Tool to check for dependency confusion vulnerabilities in multiple package management systems

Blind WAF identification tool

🦄🔒 Awesome list of secrets in environment variables 🖥️

Subdomain takeover vulnerability checker

MX1014 is a flexible, lightweight and fast port scanner.

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Log4j Vulnerability Scanner for Windows

Repository of my CTF writeups

Automatic Enumeration Tool based in Open Source tools

This script will automating scanning list of hosts with nmap

Check linux sources dump for known CVEs.

WinAppDbg Debugger

My simple Swiss Army knife for http/https troubleshooting and profiling.

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Nmap NSE scripts

Asyncio concurrent Python finds SSH servers (or other services with open ports) on an IPv4 subnet, WITHOUT NMAP

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Hetty is an HTTP toolkit for security research.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Microarchitectural exploitation and other hardware attacks.

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

A Python DNS crawler to find identical domain names under different TLDs.

log4j2 remote code execution or IP leakage exploit (with examples)

A curated list of awesome infosec courses and training resources.

A Python RESTful API framework for online malware analysis and threat intelligence services.

Infosec Wordlists

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

A collection of all the data i could extract from 1 billion leaked credentials from internet.

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

🙈 Interactively find and recover deleted or 👉 overwritten 👈 files from your terminal

This is the main repository of International Data Spaces Association on GitHub, where you can find general overview and required information on IDS Open Source Landscape.

快速搭建各种漏洞环境(Various vulnerability environment)

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

News and publication on cybersecurity in industry

A semi-curated list of Security Feeds

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer