2175 Open source projects that are alternatives of or similar to Whatweb

Enumerate information from NTLM authentication enabled web endpoints 🔎

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

Pop shells like a master.

SSH man-in-the-middle tool

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

A collection of various awesome lists for hackers, pentesters and security researchers

Content for hackingthe.cloud

💣 Impulse Denial-of-service ToolKit

onex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.

Automate Pentest Tool

A collection of personal scripts used in hacking excercises.

Functions that can be used to gain Reverse Shells with PowerShell

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Awesome cloud enumerator

Offensive Reverse Shell (Cheat Sheet)

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Pentest environment deployer (kali linux + targets) using vagrant and chef.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…

Collection of tips, tools and tutorials around infosec

Graphical Web interface developed to facilitate the use of security information tools.

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

Don't let buffer overflows overflow your mind

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Python network worm that spreads on the local network and gives the attacker control of these machines.

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

Kali Linux 工具合集中文说明书

Offensive tools as Dockerfiles. Lightweight & Ready to go

Subdomain enumeration through various techniques

⛔️ offsec batteries included

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

A fully automatic wifi deauther coded in Python

Python library and CLI for the Bug Bounty Recon API

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Collection of quality safety articles. Awesome articles.

A tool that allows you to search for vulnerable android devices across the world and exploit them.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Linset is a WPA/WPA2 phishing tool (evil twin)

A simple PHP application to learn SQL Injection detection and exploitation techniques.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

One-click installer for Frida and Burp certs for SSL Pinning bypass

All in One Termux Os..!! (New)

Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

🔖 Modern Javascript keylogger with web panel

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.