568 Open source projects that are alternatives of or similar to Zbang

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Collection of PowerShell network security scripts for system administrators.

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Next generation web scanner

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Tool made to automate tasks of pentesting.

memory search and patch tool on debuggable apk without root & ndk

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Light NodeJS rate limiting and response delaying using Redis - including Express middleware.

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

LdapTools is a feature-rich LDAP library for PHP 5.6+.

Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows

安全编排与自动化响应平台

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Extract uncompiled, uncompressed SPA code from Webpack source maps.

PoC code from DEF CON 25 presentation

Bash script to audit and fix macOS Catalina (10.15.x) security settings

ContainerSSH: Launch containers on demand

Intelligence and Reconnaissance Package/Bundle installer.

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Ansible role to apply a security baseline. Systemd edition.

Mercury: network metadata capture and analysis

Reverse shell generator written in Python 3.

A Virtual environment for Pentesting IoT Devices

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Patch-level verification for Bundler

Endpoint detection & Malware analysis software

Fuzz your Rust code with Google-developed Honggfuzz !

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

PowerShell scripts ranging from SCCM, MSO, AD, and other corporate enterprise uses... to sending cat facts to coworkers.

Advanced and easy to use penetration testing framework 💣🔎

Awesome Java Security Resources 🕶☕🔐

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Search exposed EBS volumes for secrets

HackerOne "in scope" domains

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

🔧 Automatically deploy customizable Active Directory labs in Azure

Active Directory password filter featuring breached password checking and custom complexity rules

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

List of Awesome Windows Security Resources

multiOTP open source strong two factor authentication PHP library, OATH certified, with TOTP, HOTP, Mobile-OTP, YubiKey, SMS, QRcode provisioning, etc.

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

Ghidra Analysis Enhancer 🐉

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Fast SNMP Scanner

Official Black Hat Arsenal Security Tools Repository

Web UI for managing users and groups in multiple directory services.

Find cloud assets that no one wants exposed 🔎 ☁️

A ZigBee hacking toolkit by Bishop Fox

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Collecting & Hunting for IOCs with gusto and style

A Go implementation of dirsearch.