Search Results for "scanning attack"
Sort By:
Showing 28 open source projects for "scanning attack"
View related business solutions-
Build on Google Cloud with $300 in Free CreditStart your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query exabytes in BigQuery, or build AI apps with Vertex AI and Gemini. Once your credits are used, keep building with 20+ products with free monthly usage, including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. Sign up to start building right away.
-
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
1
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
2
A.I.G
Full-stack AI Red Teaming platform
AI-Infra-Guard is a powerful open-source security platform from Tencent’s Zhuque Lab designed to assess the safety and resilience of AI infrastructures, codebases, and components through automated scanning and evaluation tools. It brings together AI infrastructure vulnerability scanning, MCP server risk analysis, and jailbreak evaluation into a unified workflow so that enterprises and individuals can identify critical security issues without relying on external services. Users can deploy it via Docker or scripts to get a modern web UI that guides them through tasks like scanning third-party frameworks for known CVEs and experimenting with prompt security against attack vectors. ... -
3
CyberStrikeAI
CyberStrikeAI is an AI-native security testing platform built in Go
CyberStrikeAI is an AI-native security testing platform built in Go that brings autonomous penetration testing, vulnerability discovery, and attack chain analysis into a unified interface. The platform integrates over 100 security tools out of the box and pairs them with an intelligent orchestration engine that can be directed via natural language or policy definitions, allowing users to automate reconnaissance, scanning, exploitation, and reporting without manual sequencing of tools. ... -
4
airgeddon
This is a multi-use bash script for Linux systems
airgeddon is an alive project growing day by day. Interface mode switcher (Monitor-Managed) keeping selection even on interface name changing. DoS over wireless networks using different methods (mdk3, mdk4, aireplay-ng). "DoS Pursuit mode" is available to avoid AP channel hopping (available also on DoS performed on Evil Twin attacks). Full support for 2.4Ghz and 5Ghz bands. Assisted WPA/WPA2 personal networks Handshake file and PMKID capturing. Cleaning and optimizing Handshake captured... -
Cut Data Warehouse Costs up to 54% with BigQueryBigQuery delivers up to 54% lower TCO than cloud alternatives. Migrate from legacy or competing warehouses using free BigQuery Migration Service with automated SQL translation. Get serverless scale with no infrastructure to manage, compressed storage, and flexible pricing—pay per query or commit for deeper discounts. New customers get $300 in free credit.
-
5
SSRFmap
Automatic SSRF fuzzer and exploitation tool
SSRFmap is a specialized security tool designed to automate the detection and exploitation of Server Side Request Forgery (SSRF) vulnerabilities. It takes as input a Burp request file and a user-specified parameter to fuzz, enabling you to fast-track the identification of SSRF attack surfaces. It includes multiple exploitation “modules” for common SSRF-based attacks or pivoting techniques, such as DNS zone transfers, MySQL/Postgres command execution, Docker API info leaks, and network scans.... -
6
Wifipumpkin3
Powerful framework for rogue access point attack
wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. -
7
VcenterKit
Vcenter Comprehensive Penetration and Exploitation Toolkit
VcenterKit is a Python-based toolkit focused on penetration testing and exploitation targeting VMware vCenter environments, giving security researchers and red team professionals a consolidated toolset to assess and exploit known vulnerabilities. The project includes modules that automate the detection and exploitation of specific CVEs (common vulnerabilities and exposures) in vCenter servers, often used to manage virtual infrastructure in enterprise environments. With features tailored... -
8
GraphQLmap
GraphQLmap is a scripting engine to interact with endpoints
...It can connect to a target GraphQL endpoint, dump the schema (if introspection is enabled), query it interactively, and fuzz fields for NoSQL/SQL injection vectors, thereby revealing hidden attack surfaces. GraphQL endpoints represent a relatively newer attack vector compared to REST, and GraphQLmap helps bridge this gap by providing tooling tailored to the GraphQL paradigm. Because many modern applications adopt GraphQL for flexibility, this tool is useful when scanning and attacking API back ends where typical REST-based tools fall short. ... -
9
ISB
ISB (I'm so bored) is a network stress-testing application for Windows
ISB (I'm so bored) is a network stress-testing application for Windows created by byte[size] Software byte[size] Software: https://github.com/softbytesize Frontpage: https://softbytesize.github.io/ISB/ Support: https://softbytesize.github.io/ISB#cu Documentation: https://softbytesize.github.io/ISB/#helpstart Releases: https://github.com/softbytesize/ISB-Releases/releases Discord: https://discord.com/invite/9YNzrXDHxE -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Shennina
Automating Host Exploitation with AI
Shennina is an automated host exploitation framework. The mission of the project is to fully automate the scanning, vulnerability scanning/analysis, and exploitation using Artificial Intelligence. Shennina is integrated with Metasploit and Nmap for performing the attacks, as well as being integrated with an in-house Command-and-Control Server for exfiltrating data from compromised machines automatically. Shennina scans a set of input targets for available network services, uses its AI engine to identify recommended exploits for the attacks, and then attempts to test and attack the targets. ... -
11
Command Line
Your Personal Hacking Terminal.
Command Line is an Open-Source Software for Pentesters and Ethical Hackers it contains many Functionalities which helps Ethical Hackers. It is CLI Based Application use for checking Networks and IP's it also supports functionalities like downloading Packages from Internet Including YouTube.It is also used for Port scanning, IP-Finding it is also useful for checking ping and net speed with the functionality of scanning the net speed by selecting the best server. It also has Host IP finding... -
12
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. When running an exploit, it will practice the organization's cyber event management, which doesn't happen when scanning for cluster issues. ... -
13
Free Data Recovery Software for Windows
Deep scan and recover your deleted files on Windows 10
This Windows data recovery tool is built to help users get back documents and files from a computer. The data recovery tool can also restore data from formatted and damaged hard drives. The software makes recovering deleted files easy and convenient. It is available for Windows users, and by downloading the software, one can start restoring all kinds of lost and deleted files without spending much time. When it comes to some of the fantastic features of this hard drive data... -
14
ReconSpider
Most Advanced Open Source Intelligence (OSINT) Framework
ReconSpider is most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Addresses, Emails, Websites, and Organizations and find out information from different sources. ReconSpider can be used by Infosec Researchers, Penetration Testers, Bug Hunters, and Cyber Crime Investigators to find deep information about their target. ReconSpider aggregate all the raw data, visualize it on a dashboard, and facilitate alerting and monitoring on the data. -
15
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
...It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning for anomalies. Furthermore, it comprises the ability to see some components of Kubernetes infrastructure and provides visualized attack paths of how hackers can advance their attacks. -
16
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains
Sudomy is a subdomain enumeration tool to collect subdomains and analyze domains performing advanced automated reconnaissance (framework). This tool can also be used for OSINT (Open-source intelligence) activities. Easy, light, fast and powerful. Bash script (controller) is available by default in almost all Linux distributions. By using bash script multiprocessing feature, all processors will be utilized optimally. Subdomain enumeration process can be achieved by using active method or... -
17
Web Security Audit
Passively audits the security posture on current page for your browser
The goal of this project is to build an add-on for browser that passively audits the security posture of the websites that the user is visiting. Assume that the tool is to be used on non-malicious websites, currently not under attack or compromised. Add-on wants to report security misconfigurations, or failure to use best security practices. - Add-on tries to analysis the commonly vulnerable setting of servers: lack of use of security-relevant headers, including: -... -
18
AQUATONE
A tool for domain flyovers
Aquatone is a tool for visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based attack surface. Aquatone is designed to be as easy to use as possible and to integrate with your existing toolset with no or minimal glue. Aquatone is started by piping output of a command into the tool. It doesn't really care how the piped data looks as URLs, domains, and IP addresses will be extracted with regular expression pattern matching.... -
19
UDPStressTest
A Desktop app for network stress testing, TCP-Ping and icmp ping.
Easy to use GUI app. *It reads your active and Up NIC and gets some info about it. * You can see your machine IP Address, gateway, subnet mask. * You can ping any ip address you want and get measure of TTL. * It gets the available range of IP's in your local network. * When you start the test you see testing throughput as a graph against time also total size of packet sent in (MB). *You can use it as DOS attack tool. *Every action done on the app is logged in XML file as data source... -
20
Jihosoft iPhone Data Recovery
A powerful data recovery tool to recover data from iOS devices
This is an extraordinary iOS data recovery tool which empowers you to recover deleted/lost data from iPhone, iPad and iPod Touch. It is capable of retrieving deleted/lost photos, text messages, contacts, call log, whatsapp messages & attachments, videos, audio files and more documents from iOS devices due to various reasons (like deletion,virus attack,formatting,factory resetting,etc.) The powerful software enables you to recover lost or deleted data directly from iOS device and extract... -
21
Metasploit Framework
Metasploit Framework
Metasploit Framework is a comprehensive penetration-testing and exploit development platform that streamlines the process of discovering, validating, and demonstrating vulnerabilities. It provides a modular architecture—payloads, encoders, exploits, auxiliaries, and post-exploitation modules—so security professionals can piece together complex attack chains or test defensive controls in realistic ways. Built-in features include an exploit database, network scanners, credential harvesters,... -
22
EbraSha Dos Attacker Ver 4.0
Custom DOS Attack In Kali Linux
EbraSha Dos Attacker Ver 4.0 ----------- DESCRIPTION : EbraSha DOS Attacker is a network tool For custom DOS Attack EbraSha DOS Attacker Programming By Ebrahim Shafiei wiTh c++ ##### EbraSha DOS Attacker Site : Www.EbraSha.Org ----------- Features : + Syn Attack + UDP Attack + ICMP Attack + Pars Fuxy Attack Use The : (Syn,RST,PUSH,FIN,ACK,URG,XMAS,YMAS Tcp Flag) + EbraSha Crazy Attack (Send DDOS Fake Attacker To All Computer In Your Network) + EbraSha Black Sails... -
23
xxe
Intentionally vulnerable web services exploitable with XXE
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located. -
24
PhishBlock
A program that detects and blocks phishing, pharming, Hacker's C&C.
PhishBlock is a security program that detects and blocks Phishing, Pharming, Hacker’s C&C(Command and Control) Servers which are located in databases with URLs, DNS hostnames, and IP Addresses. This program detects and blocks Malware URLs, bad Hosts, and bad IP addresses. Recently, most malware codes are delivered covertly to users’ personal computers through Google ads, SNS, Blogs, BBS and so on, which users visit often. And After the malware codes connect the C&C server(or... -
25
HTTP Anti Flood/DoS Security Module
Detect Flooder IPs, Reduce Attack Surface against HTTP Flood Attacks
This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected.
