Awesome Open Source

Programming Languages

Search results for information security

information-security x

1,007 search results found

Preferred Network List Sniffer ⭐ 98

A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Infosec Learning Materials ⭐ 97

Resource for developing infosec skills for OSCP

M4ngl3m3 ⭐ 95

Common password pattern generator using strings list

🕵️ OSINT Tool (github tracker)

Gather Open-Source Intelligence using PowerShell.

Superlibrary ⭐ 94

Information Security Library

Secfiles ⭐ 94

My files for security assessments, bug bounty and other security related stuff

Sinkholes ⭐ 94

🐛 Malware Sinkhole List in various formats

Tools.tldr.run ⭐ 93

A curated list of security tools for Hackers & Builders!

Evtx Hunter ⭐ 93

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Infosec Jupyterthon ⭐ 93

A community event for security researchers to share their favorite notebooks

Oob Server ⭐ 92

A Bind9 server for pentesters to use for Out-of-Band vulnerabilities

Wwwordlist ⭐ 92

Wwwordlist is a wordlist generator for pentesters and bug bounty hunters. It extracts words from HTML, URLs, JS/HTTP/input variables, quoted texts in the text and mail files in order to generate wordlists.

Infosec Events ⭐ 92

List of past and future infosec related events.

Goaltdns ⭐ 90

A permutation generation tool written in golang

Slowloris ⭐ 89

Asynchronous Python implementation of SlowLoris DoS attack

Awesome Chinese Infosec Websites ⭐ 89

A curated list of Chinese websites and personal blogs about ethical hacking and pentesting

Nist To Tech ⭐ 88

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Mongodb Honeyproxy ⭐ 88

A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

CLI crypto swiss-army knife for performing and composing encoding, decoding, encryption, decryption, hashing, and other various cryptographic operations on streams of data from the command line; mostly intended for ad hoc, infosec-related uses.

Wireshark Cheatsheet ⭐ 82

Wireshark Cheat Sheet

Malware Feed ⭐ 82

Bringing you the best of the worst files on the Internet.

Potiron - Normalize, Index and Visualize Network Capture

Penetration Testing Cheat Sheet ⭐ 79

A guide to help people who are new to penetration testing and are looking to gain an overview of the penetration testing process. This guide will help anyone hoping to take the CREST CRT or Offensive Security's OSCP exam and will aim to cover each stage of compromising a host.

Sharpftpc2 ⭐ 79

A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.

Exchange_webshell_detection ⭐ 78

Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)

Domainpasswordspray ⭐ 78

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically generate a userlist from the domain which excludes accounts that are expired, disabled locked out, or within 1 lockout attempt.

Multi-threaded Padding Oracle attacks against any service. Written in Rust.

Dorothy is a tool to test security monitoring and detection for Okta environments

Cve 2018 20555 ⭐ 78

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Pastebinmarkdownxss ⭐ 78

XSS in pastebin.com and reddit.com via unsanitized markdown output

Cybersecurityroadmapsuggestions ⭐ 77

This repository contains a list of roadmaps I created with my suggestions on LinkedIn and Twitter.🤞🏻😌

All-in-one tool for managing vulnerability reports from AppSec pipelines

Controlcompass.github.io ⭐ 76

Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

one-stop resource for all things offensive security.

NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.

Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

Network Covert Channels A University Level Course ⭐ 74

A free online class on network information hiding/steganography/covert channels that I teach at the FernUniversität in Hagen, Germany, and HS Worms, Germany.

Awesome Security Feed ⭐ 74

A semi-curated list of Security Feeds

Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leaks.

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

Talosplus ⭐ 70

Talosplus is a fast and robust template based Intelligent automation framework primarily developed for Bug Bounty Automation

Assetnote ⭐ 70

Push notifications for passive DNS data

Opensource assets and vulnerability scanning tool

Onenoteanalyzer ⭐ 69

A C# based tool for analysing malicious OneNote documents

Awesome Secure Saas Apis ⭐ 69

A catalog of SaaS APIs and their security levels, compliance, and regulation like GDPR, ISO27001, PCI and others

Badactors ⭐ 68

Create a list of bad actors from public IP blacklist.

Resources For Application Security ⭐ 67

Some good resources for getting started with application security

Hardware Attacks State Of The Art ⭐ 67

Microarchitectural exploitation and other hardware attacks.

Proviesec Fuzz Scanner - dir/path web scanner

A fast and powerful http toolkit that take a list of domains to find active domains and other information such as status-code, title, response-time , server, content-type and many other

Resources ⭐ 64

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Broadcast Anonymous Routing - A scalable system for efficient anonymous communications

Soundkeylogger ⭐ 63

An experimental project to demonstrate how a user keyboard input may be sniffed through the pattern analysis of the sounds emitted by the keystrokes.

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Cve 2023 22515 ⭐ 62

CVE-2023-22515: Confluence Broken Access Control Exploit

Pwdsafety ⭐ 61

🔒command line tool checking password safety🔒

Infosec Badges ⭐ 61

Badges for your GitHub tool presented at InfoSec Conference

Red Team Curation List ⭐ 60

A list to discover work of red team tooling and methodology for penetration testing and security assessment

PentBox is a tool that allows us to create honeypot in our system this is written in ruby language.

Ronin Exploits ⭐ 59

A Ruby micro-framework for writing and running exploits

Osmedeus Workflow ⭐ 58

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

Check_rep ⭐ 58

Check IP or Domain reputation against open-source Blacklists.

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

Infophish ⭐ 58

InfoPath Phishing Repo Resource

Curso de Ciência da Computação

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

Chkdomain ⭐ 57

🔍 Discover if a domain is resolvable or blocked by secure DNS and Ad-blocking services, and experience the innovative idea of DaaS - DNS as an Intelligence Service.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Bookmarks ⭐ 56

A personal list of various resources for those who are interested in learning about infosec and hacking and keeping themselves up to date. This is by no means a complete nor fresh list, but I occasionally add entries to lists.

Www Project Top 10 Low Code No Code Security Risks ⭐ 56

OWASP Low-Code/No-Code Top 10

Checkmyhttps ⭐ 56

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

This script is (Mainly) for Beginner's

Training_materials_bookmarks ⭐ 55

Learn you a book for some infosec good

Apac Meetups ⭐ 55

A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Infosec Bazaar ⭐ 54

A collection of infosec related scripts and information.

Vindicatetool ⭐ 54

LLMNR/NBNS/mDNS Spoofing Detection Toolkit

Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)

Reversinglabs Siem Rules ⭐ 53

A collection of various SIEM rules relating to malware family groups.

Containers ⭐ 53

Automated privilege escalation of the world's most popular Docker images.

Rfd Checker ⭐ 53

RFD Checker - security CLI tool to test Reflected File Download issues

Introspector ⭐ 52

A schema and set of tools for using SQL to query cloud infrastructure.

Chrome_extension ⭐ 52

Browser extension that uses intelligence to combat malicious websites by blocking them in real-time.

Sqli Postgres Rce Privesc Hacking Playground ⭐ 52

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

Servicenow ⭐ 52

ServiceNow widge-simple-list misconfiguration scanner

Awesome Infosec ⭐ 52

A curated list of awesome infosec blog posts, courses, books and more!

Cdnlookup ⭐ 51

一个使用 Edns-Client-Subnet(ECS) 遍历智能CDN节点IP地址的工具

Bumblecrypt ⭐ 50

A Bumblebee-inspired Crypter

Ldap Credentials Collector Backdoor Generator ⭐ 50

This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.

Reflectiveldr ⭐ 50

Position-idependent Windows DLL loader based on ReflectiveDLL project.

Vimana Framework ⭐ 50

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

Web Client ⭐ 49

Reconmap's web client written in React. Manage all your pentest projects from a single place.

Ronin Code Asm ⭐ 49

A Ruby DSL for crafting assmebly programs and shellcode.

Sifter - All purpose penetration testing op-center

Metaforge ⭐ 49

An OSINT Metadata analyzing tool that filters through tags and creates reports

Cve 2023 6553 ⭐ 49

Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

Related Searches

Python Information Security (342)

Penetration Testing Information Security (281)

401-500 of 1,007 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.