Search Results for "python tool" - Page 4
Sort By:
Showing 131 open source projects for "python tool"
View related business solutions-
Streamline Azure Security with Palo Alto Networks VM-SeriesImprove your security posture and reduce incident response time. Use the VM-Series to natively analyze Azure traffic and dynamically drive policy updates based on workload changes.
-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
1
PyExfil
A Python Package for Data Exfiltration
PyExfil was born as a PoC and kind of a playground and grew to be something a bit more. In my eyes it’s still a messy PoC that needs a lot more work and testing to become stable. The purpose of PyExfil is to set as many exfiltrations, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques. You can track changes at the official GitHub page. Putting it simply, it’s meant to be used as a... -
2
Trape
OSINT tool for tracking users and analyzing browser data online
Trape is an open source OSINT analysis and research tool designed to track and analyze users on the internet in real time. The project focuses on demonstrating how web browsers can reveal sensitive information about users while interacting with websites and online services. It provides researchers, security professionals, and organizations with a platform for studying how attackers could gather intelligence through social engineering techniques. The tool can clone websites and monitor... -
3
Osintgram
Osintgram is a OSINT tool on Instagram
Osintgram is an OSINT (Open Source Intelligence) tool designed to extract, analyze, and store information from public Instagram profiles. It allows users to retrieve data like followers, hashtags, stories, tagged posts, and locations. The tool is often used by researchers and security analysts for data gathering, footprinting, and investigative purposes related to social media profiling. -
4
Ciphey
Decrypt encryptions without knowing the key or cipher
Fully automated decryption/decoding/cracking tool using natural language processing & artificial intelligence, along with some common sense. You don't know, you just know it's possibly encrypted. Ciphey will figure it out for you. Ciphey can solve most things in 3 seconds or less. Ciphey aims to be a tool to automate a lot of decryptions & decodings such as multiple base encodings, classical ciphers, hashes or more advanced cryptography. If you don't know much about cryptography, or you want... -
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
5
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps... -
6
Signal Sciences Site Management Tool
Signal Sciences Site Manager
Signal Sciences Site Manager. -
7
FireCX
Open source OWASP penetration testing tool written in Python 3
FireCX is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection. -
8
RemoteSploit
Automated exploitation tool for SSH and RDP
Automated exploitation tool for SSH and RDP -
9
Phishing Catcher
Real-time phishing domain detection via Certificate Transparency logs
phishing_catcher is a security monitoring tool designed to detect potential phishing domains in near real time by analyzing TLS certificate issuance events. It listens to Certificate Transparency (CT) logs through the CertStream API and evaluates newly issued certificates as they appear. Each certificate often contains one or more domain names, which the tool analyzes to determine whether they resemble suspicious or phishing-related domains. phishing_catcher applies a configurable scoring... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Hackingtool
ALL IN ONE Hacking Tool For Hackers
HackingTool by Z4nzu is a large collection (“all-in-one”) of tools and scripts for penetration testing / hacking / OSINT etc. It bundles many utilities (port scanners, payload injectors, web attack tools, phishing tools, wireless attack tools, reverse engineering, etc.) into a menu interface. Includes many individual tools, often wrappers or aggregations of existing well-known tools (e.g. port scanners, web attack tools, steganography, hash cracking etc.). A menu interface offering... -
11
mongoaudit
A powerful MongoDB auditing and pentesting tool
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them,... -
12
cintruder
CIntruder - OCR Bruteforcing Toolkit
Captcha Intruder is an automatic pentesting tool to bypass captchas. -> CIntruder-v0.4 (.zip) -> md5 = 6326ab514e329e4ccd5e1533d5d53967 -> CIntruder-v0.4 (.tar.gz) ->md5 = 2256fccac505064f3b84ee2c43921a68 -------------------------------------------- -
13
DNSGen
Intelligent DNS permutation tool for subdomain discovery
DNSGen is an open source DNS name permutation tool designed primarily for security researchers and penetration testers who need to discover potential subdomains during reconnaissance and attack surface mapping. It analyzes existing domain names and generates numerous intelligent variations that may represent valid subdomains within an organization’s infrastructure. These generated permutations help identify hidden or unlisted services that may not appear in standard DNS queries or public... -
14
AttackSurfaceMapper
Automated tool for mapping & expanding organization’s attack surface
AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new... -
15
WhatWaf?
Detect and bypass web application firewalls and protection systems
WhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. -
16
Fav-up
Look up IP addresses using favicon hashes via Shodan
fav-up is an open source reconnaissance utility designed to identify servers and websites by analyzing favicon hashes and querying the Shodan search engine. It calculates the hash of a favicon image and then uses that value to search Shodan for other hosts that use the same icon. This technique is commonly used in security research and OSINT investigations to discover related infrastructure or services that may belong to the same organization. fav-up can retrieve favicon data from several... -
17
BlockCheck
Russian ISP blocking type checker
BlockCheck is a Russian ISP blocking-type checker created to identify how websites from Russia’s prohibited-information registry were being blocked by internet providers. The tool was designed for a specific network environment and is explicitly not useful outside Russia. It runs tests that help distinguish different blocking methods, such as DNS manipulation, IP blocking, HTTP blocking, TCP reset behavior, and deeper filtering patterns. The repository is now archived and marked as not... -
18
Buster
OSINT tool for discovering information linked to email addresses
Buster is an open source OSINT tool designed for email reconnaissance and information gathering. It helps investigators, security researchers, and penetration testers discover publicly available information related to email addresses and usernames. It can analyze an email address to identify associated social media accounts, references across the web, and potential data breaches linked to that email. It also performs reverse WHOIS lookups to discover domains that may have been registered... -
19
Photon
Incredibly fast crawler designed for OSINT
...The crawler prioritizes speed and breadth, making it suitable for mapping web attack surfaces and discovering hidden resources. Photon is commonly used during early reconnaissance phases to build a comprehensive inventory of reachable assets. Its Python implementation makes it accessible for customization and integration into larger automation frameworks. Despite its speed focus, the tool still provides useful filtering and extraction capabilities for analysts who need structured results. Overall, Photon functions as a lightweight yet powerful reconnaissance spider for web intelligence gathering. -
20
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted... -
21
RouterSploit
Exploitation Framework for Embedded Devices
RouterSploit is an open-source exploitation framework focused on embedded devices such as routers, cameras, and IoT gadgets. It offers modules for exploits, scanners, and credentials testing, making it a valuable tool for security professionals and researchers. Inspired by Metasploit, it provides a CLI for executing attacks, testing device vulnerabilities, and simulating real-world exploitation scenarios in a legal and ethical manner. -
22
pydictor
powerful and useful hacker dictionary builder for a brute-force attack
A powerful and useful hacker dictionary builder for a brute-force attack. You can use pydictor to generate a general blast wordlist, a custom wordlist based on Web content, a social engineering wordlist, and so on; You can use the pydictor built-in tool to safe delete, merge, unique, merge and unique, count word frequency to filter the wordlist, besides, you also can specify your wordlist and use '-tool handler' to filter your wordlist. You can generate highly customized and complex... -
23
safelock
Basic AES files encryption tool
Simple drag & drop file encryption tool. based on python and uses PyCrypto to encrypt the inputted files with AES encryption. Then sqlite database file is generated with a unique key to store the encrypted files and folders in binary blobs for later decryption. -
24
SpiderFoot
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you. -
25
FoxNuke
A Proffesional Stress-Testing(ddos) tool for pentesters
The FoxNuke program is written in python and uses Firefox in order to complete the distributed denial of service attack feature. Multiple headers are used from the Firefox browser, along with a personal configuration option for the Opera browser. The FoxNuke Program is still underdevelopment as of 8/24/17, full release is set to come out sometime during 2017-2018. If you would like to participate in the TESTING of this program and would like to help report bugs, etc. then please email...
