471 Open source projects that are alternatives of or similar to Webpocket

Exploit Pack -The next generation exploit framework

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

HackerOne "in scope" domains

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

fireELF - Fileless Linux Malware Framework

Open-Source Security Architecture | 开源安全架构

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A static analysis security vulnerability scanner for Ruby on Rails applications

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

syzkaller is an unsupervised coverage-guided kernel fuzzer

Plugin to block compilation when unapproved dependencies are used or code styling does not comply.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Identify vulnerabilities in running containers, images, hosts and repositories

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Awesome hacking is an awesome collection of hacking tools.

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

Contains Attack labs

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

snopf USB password token

Set of tools to audit SIP based VoIP Systems

🚀 Fast Port Scanner 🚀

A binary analysis framework

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

DNS-Discovery is a multithreaded subdomain bruteforcer.

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

An application to assist in the organization and prioritization of software security activities.

Metasploit Cheat Sheet 💣

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

A tool to test security of json web token

The full story of the CLR implementation of Meterpreter

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

outis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).

A CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

Work in progress firewall for Linux syscalls, written in Rust

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

A Central Control Plane for AWS Permissions and Access

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Web Application recon automation

A note-taking macOS app for penetration-testers.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

EmbedOS - Embedded security testing virtual machine

The dum^H^H^Hsimplest encryption tool in the world.

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Hunt down the secrets from the WebArchives for Fun and Profit

A JWT (JSON Web Token) Encoder & Decoder

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告

protocol fuzzing toolkit