550 Open source projects that are alternatives of or similar to Zigdiggity

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

iOS/macOS/Linux Remote Administration Tool

A static analysis security vulnerability scanner for Ruby on Rails applications

Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

InQL - A Burp Extension for GraphQL Security Testing

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

SSRF (Server Side Request Forgery) testing resources

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Daemon to ban hosts that cause multiple authentication errors

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Secure, human-friendly, cross-platform secrets and config.

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Curated List of Privacy Respecting Services and Software

Awesome PHP Security Resources 🕶🐘🔐

Tools to automate and/or expedite response.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

An information gathering tool to collect git commit emails in version control host services

A repository of sysmon configuration modules

A collection of awesome security hardening guides, tools and other resources

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Penetrum LLC opensource security tool list.

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

emba - An analyzer for Linux-based firmware of embedded devices.

The request.bin of DNS request

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Infection Monkey - An automated pentest tool

Open Repository for the Open Security and Privacy Reference Architecture

Most usable tools for iOS penetration testing

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

a javascript static security analysis tool

🍿 The perfect Checklist Website for meticulous developers.

A binary analysis framework

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

JAVA安全SDK及编码规范

DNS-Discovery is a multithreaded subdomain bruteforcer.

📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e

The clever vulnerability dependency finder

Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.

WeirdAAL (AWS Attack Library)

Collection of PowerShell network security scripts for system administrators.

All-in-one tool for managing vulnerability reports from AppSec pipelines

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

An application to assist in the organization and prioritization of software security activities.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

一行代码检测XP/调试/多开/模拟器/root

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Hardening Ubuntu. Systemd edition.

r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems

Qualys sslabs-scan utility in a tiny docker image

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

Friends don't let friends leak secrets on their terminal window 🙈