1310 Open source projects that are alternatives of or similar to Xunfeng

List of my talks and workshops: security engineering, applied cryptography, secure software development

A python tool to check subdomain takeover vulnerability

FUNDED is a novel learning framework for building vulnerability detection models.

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

#INFILTRATE19 raptor's party pack

a passive scanner based on Mitmproxy and Arachni

pentest toolbox

Turn your VPS into an attack box

Web Recon & Exploitation Tool.

Provides lexical scanning operations on a String

DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Related subdomains finder

A schema and set of tools for using SQL to query cloud infrastructure.

Java API to talk to the SANE scanning daemon

Multi source CVE/exploit parser.

A simple remote tool in C#.

A concise, directive, specific, flexible, and free incident response plan template

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Search a filesystem for indicators of compromise (IoC).

Do some quick reconnaissance on a domain-based web-application

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Toolset for detecting reflected xss in websites

Vulnerability assessment and penetration testing automation and reporting platform for teams.

A simple, smart and efficient document scanner for Android

Audits Python environments and dependency trees for known vulnerabilities

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

Advanced Vulnerability Scanner Tool

Repository of my CTF writeups

Low Cost DIY Laser XY Scanner, Cutter, or Engraver

台大 計算機安全 - Pwn 簡報、影片、作業題目與解法 - Computer Security Fall 2019 @ CSIE NTU Taiwan

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

A Deliberately Insecure Web Application

Harbor in Kubernetes

Fluent assembly and type scanner 🔍 for .Net

sub domain wild card filtering tool

DNTScanner.Core is a .NET 4x and .NET Core 2x+ wrapper for the Windows Image Acquisition library.

Monitoring GitHub for sensitive data shared publicly

Central Processing Unit Information Gathering Tool

Fast and extensible network scanning library featuring multithreading, ping probing, and scan fetchers.

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

A scanner similar to bufio.Scanner, but it reads and returns lines in reverse order, starting at a given position and going backward.

Facebook Write-ups, PoC, and exploitation codes:

Git folder digger, I'm sure it's worthwhile stuff.

Unofficial WhatCMS API package

A web spider for shodan.io without using the Developer API.

findCDN is a tool created to help accurately identify what CDN a domain is using.

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

List of every possible vulnerabilities in computer security.

👓 Yet another binary vulnerbilities checker. An automated vulnerability scanner for ELF based on symbolic execution.

Open Source SIEM (Security Information and Event Management system).

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Side-channel file transfer between independent VMs or processes executed on the same physical host.

A tool for identifying misconfigured CloudFront domains

Scans PHP files for malwares and known threats

Exporting MISP event attributes to yara rules usable with Thor apt scanner

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)