Awesome Open Source

Programming Languages

Search results for information security

information-security x

1,007 search results found

Eviltree ⭐ 348

A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.

Gosint is a distributed asset information collection and vulnerability scanning platform

Venom is a library that meant to perform evasive communication using stolen browser socket

Koko Moni ⭐ 338

一个网络空间搜索引擎监控平台，可定时进行资产信息爬取，及时发现新增资产，本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源，并对获取到的数据进行去重与清洗

Dorknet ⭐ 333

Selenium powered Python script to automate searching for vulnerable web apps.

Crackerjack ⭐ 329

CrackerJack / Hashcat Web Interface / Context Information Security

Sec Admin ⭐ 329

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Freedom Fighting Mode: open source hacking harness

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

Useful_websites_for_pentester ⭐ 324

This repository is to make life of the pentester easy as it is a collection of the websites that can be used by pentesters for day to day studies and to remain updated.

Krbuacbypass ⭐ 322

UAC Bypass By Abusing Kerberos Tickets

Resources ⭐ 322

Tools, data, and contact lists relevant to The disclose.io Project.

Osint_team_links ⭐ 313

Links for the OSINT Team

Qvm Create Windows Qube ⭐ 312

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

S4utomato ⭐ 310

Escalate Service Account To LocalSystem via Kerberos

Getaltname ⭐ 306

Extract subdomains from SSL certificates in HTTPS sites.

Malcolm ⭐ 305

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

Megplus ⭐ 301

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Toolkit ⭐ 301

The essential toolkit for reversing, malware analysis, and cracking

Smogcloud ⭐ 299

Find cloud assets that no one wants exposed 🔎 ☁️

Rescope ⭐ 298

A scope generation tool for Burp Suite & ZAP

Werdlists ⭐ 296

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Second Order ⭐ 295

Second-order subdomain takeover scanner

Bug Bounty ⭐ 295

Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More

Osint Cheat Sheet ⭐ 293

OSINT cheat sheet, list OSINT tools, dataset, article, book and OSINT tips

Lit Bb Hack Tools ⭐ 293

Little Bug Bounty & Hacking Tools⚔️

Hardenedbsd ⭐ 291

HardenedBSD development tree.

Awesome Job Boards ⭐ 291

A curated list of awesome jobs

Asnlookup ⭐ 288

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Novahot ⭐ 285

A webshell framework for penetration testers.

Pwndoc Ng ⭐ 273

Pentest Report Generator

Isthislegit ⭐ 271

Dashboard to collect, analyze, and respond to reported phishing emails.

Evilginx3 Phishlets ⭐ 268

Learn my systematic process of creating Evilginx Phishlets from scratch: https://www.simplerhacking.com

Google Dorks Simplified ⭐ 266

Best Resource for learning Google Dorks

Hackthebox ⭐ 264

Notes Taken for HTB Machines & InfoSec Community.

Openuba ⭐ 264

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Credphish ⭐ 262

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

Sbt Dependency Check ⭐ 259

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

My Talks ⭐ 257

List of my talks and workshops: security engineering, applied cryptography, secure software development

Phomber ⭐ 255

[PH0MBER]: An open source infomation grathering & reconnaissance framework!

An advanced tool for email reconnaissance

Cve 2019 1003000 Jenkins Rce Poc ⭐ 254

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Slack Watchman ⭐ 252

Slack enumeration and exposed secrets detection tool

Woobuntu ⭐ 252

Bucketloot ⭐ 252

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

Autosqli ⭐ 252

An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.

Credsleaker ⭐ 251

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

Pockint ⭐ 251

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

Python Codext ⭐ 250

Python codecs extension featuring CLI tools for encoding/decoding anything

Arsenal ⭐ 247

Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty

Secure Desktop ⭐ 243

Anti-keylogger/anti-rat application for Windows

Magicrecon ⭐ 240

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

Masterparser ⭐ 238

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

Reverse Engineering Tutorials ⭐ 238

Some Reverse Engineering Tutorials for Beginners

Hatsploit ⭐ 236

Modular penetration testing platform that enables you to write, test, and execute exploit code.

Golang library for malware development

Getting Started In Infosec ⭐ 229

A noob friendly guide for juniors starting off in infosec. Pull requests welcome!

Keepnote ⭐ 228

Quick and Dirty Penetration Testing Notes

Yar is a tool for plunderin' organizations, users and/or repositories.

Malware Database ⭐ 226

A large repository of malware samples with 2500+ malware samples & source codes for a variety of platforms by Cryptware Apps.

C2 Tracker ⭐ 225

Live Feed of C2 servers, tools, and botnets

Wifi Password Stealer ⭐ 223

Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).

Pandora ⭐ 223

Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results

Rawsec Cybersecurity Inventory ⭐ 221

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

Personal Security Checklist ⭐ 221

Personal security checklist for securing your devices and accounts.

Golinkfinder ⭐ 217

A fast and minimal JS endpoint extractor

Awesome Pentest ⭐ 214

💻⚔️ A collection of awesome penetration testing resources, tools, and other shiny things.

Umbrella_android ⭐ 214

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

Allinfosecnews_sources ⭐ 212

A list of online news & info sources in the InfoSec/Cybersecurity space

A vulnerable iOS App with Security Challenges for the Security Researcher inside you.

Learn365 ⭐ 207

This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.

Hacker Container ⭐ 207

The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Api Securityempire ⭐ 204

API Security Projecto aims to present unique attack & defense methods in API Security field

Generate tens of thousands of subdomain combinations in a matter of seconds

Jormungandr ⭐ 201

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

Astra is a tool to find URLs and secrets inside a webpage/files

Mrkaplan ⭐ 200

MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.

Conf Presentations ⭐ 199

Quarkslab conference talks

Google Dorker ⭐ 197

Automate dorking while doing bug bounty or other stuffs.

Handbook ⭐ 196

A living document for penetration testing and offensive security.

Contact.sh ⭐ 196

An OSINT tool to find contacts in order to report security vulnerabilities.

Pentest Reports ⭐ 196

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

Reading Material ⭐ 195

📚 Stuff to read up

Miniprint ⭐ 193

A medium interaction printer honeypot 🍯

Infosecstreams.github.io ⭐ 192

A (hopefully) actively maintained activity-based-autosorted list of InfoSec Streamers

Conti Pentester Guide Leak ⭐ 191

Leaked pentesting manuals given to Conti ransomware crooks

Ice9 Bluetooth Sniffer ⭐ 189

Wireshark-compatible all-channel BLE sniffer for bladeRF, with wideband Bluetooth sniffing for HackRF and USRP

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Devbrute ⭐ 186

DevBrute is a versatile password brute forcing tool designed to tackle a wide range of Social Media accounts and Web Applications. With its robust capabilities, it's adept at breaking through various security barriers.

Hawkeye ⭐ 179

Hawkeye filesystem analysis tool

Jiraffe ⭐ 178

One stop place for exploiting Jira instances in your proximity

Gf Secrets ⭐ 176

Secret and/or credential patterns used for gf.

Application Security Engineer Interview Questions ⭐ 174

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

Gitlab Watchman ⭐ 174

Finding exposed secrets and personal data in GitLab

Bugbountydash ⭐ 174

[depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd

Docker Security Images ⭐ 173

🔐 Docker Container for Penetration Testing & Security

Octopuswaf ⭐ 170

OctopusWAF is a WAF( Web application firewall) with high performance, made in C language and use libevent.

Related Searches

Python Information Security (342)

Penetration Testing Information Security (281)

201-300 of 1,007 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.