Search Results for "source" - Page 10
Sort By:
Showing 654 open source projects for "source"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
1
AttackSurfaceMapper
Automated tool for mapping & expanding organization’s attack surface
AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new subdomains, associated IP ranges, and hosts within the same network ownership. ... -
2
mssqlproxy
Toolkit aimed to perform lateral movement in restricted environments
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. The first step is to execute code in the SQL Server process context. As extended stored procedures are going to be deprecated in future versions of MSSQL, we pay attention to Microsoft recommendations and thus, use CLR assemblies instead. -
3
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible... -
4
WhatWaf?
Detect and bypass web application firewalls and protection systems
WhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. -
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
5
VulnX
Intelligent Bot, Shell can achieve automatic injection
vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and... -
6
Fav-up
Look up IP addresses using favicon hashes via Shodan
fav-up is an open source reconnaissance utility designed to identify servers and websites by analyzing favicon hashes and querying the Shodan search engine. It calculates the hash of a favicon image and then uses that value to search Shodan for other hosts that use the same icon. This technique is commonly used in security research and OSINT investigations to discover related infrastructure or services that may belong to the same organization. fav-up can retrieve favicon data from several sources, including local files, direct favicon URLs, or full web pages where the favicon is automatically extracted. fav-up then computes the favicon hash and performs Shodan queries to locate IP addresses that match the same hash. ... -
7
MozDef
MozDef: Mozilla Enterprise Defense Platform
MozDef aims to bring real-time incident response and investigation to the defensive toolkits of security operations groups in the same way that Metasploit, LAIR, and Armitage have revolutionized the capabilities of attackers. We use MozDef to ingest security events, alert us to security issues, investigate suspicious activities, handle security incidents, and visualize and categorize threat actors. The real-time capabilities allow our security personnel all over the world to work... -
8
King Phisher
Phishing Campaign Toolkit
King Phisher is an open source tool that can simulate real world phishing attacks. It has an easy-to-use, flexible architecture that allows for full control over both emails and server content. It is useful for running awareness campaigns and training, and can only be used for legal applications when the explicit permission of the targeted organization has been obtained. -
9
BlockCheck
Russian ISP blocking type checker
BlockCheck is a Russian ISP blocking-type checker created to identify how websites from Russia’s prohibited-information registry were being blocked by internet providers. The tool was designed for a specific network environment and is explicitly not useful outside Russia. It runs tests that help distinguish different blocking methods, such as DNS manipulation, IP blocking, HTTP blocking, TCP reset behavior, and deeper filtering patterns. The repository is now archived and marked as not... -
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
10
Buster
OSINT tool for discovering information linked to email addresses
Buster is an open source OSINT tool designed for email reconnaissance and information gathering. It helps investigators, security researchers, and penetration testers discover publicly available information related to email addresses and usernames. It can analyze an email address to identify associated social media accounts, references across the web, and potential data breaches linked to that email. -
11
ParamIT
a Toolset for Molecular Mechanical Force Field Parameterization
ParamIT is a toolkit aiding the development of molecular mechanical force field parameterization of small, drag like, molecules within CHARMM general force field (CGenFF) protocol. The developed toolkit helps the researchers in following ways: 1) automating the creation of multiple input files for quantum and molecular mechanics programs, 2) automating the output analysis and 3) substitute the use of full MM programs with a faster specialized one. The developed tools include: 1) generator of... -
12
BLESS
An SSH Certificate Authority that runs as an AWS Lambda function
BLESS is an SSH Certificate Authority that runs as an AWS Lambda function and is used to sign SSH public keys. SSH Certificates are an excellent way to authorize users to access a particular SSH host, as they can be restricted for a single-use case, and can be short-lived. Instead of managing the authorized_keys of a host, or controlling who has access to SSH Private Keys, hosts just need to be configured to trust an SSH CA. BLESS should be run as an AWS Lambda in an isolated AWS account.... -
13
PivotSuite
Network Pivoting Toolkit
PivotSuite is a portable, platform-independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on the compromised machine and access the different subnet hosts from our pentest machine, Which was... -
14
Photon
Incredibly fast crawler designed for OSINT
Photon is an extremely fast web crawler built specifically for OSINT and reconnaissance use cases. It is designed to extract URLs, endpoints, files, and other intelligence artifacts from target websites with minimal overhead. The crawler prioritizes speed and breadth, making it suitable for mapping web attack surfaces and discovering hidden resources. Photon is commonly used during early reconnaissance phases to build a comprehensive inventory of reachable assets. Its Python implementation... -
15
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted... -
16
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used... -
17
Somedo
Social Media Downloader
Social Media Downloader for Open Source Intelligence purpos. Supportes so far: Facebook Instagram Twitter -
18
CryptoFlouze
This software display the last prices of the top 20 cryptocurencies
...The data is downloaded from : https://coinmarketcap.com/api/ For windows : Download this zip file, unzip everything in the same directory. The data are updated at every run. For other operating systems : Run it from the source. https://github.com/hamdyaea/CryptoFlouze Developer - Author Hamdy Abou El Anein -
19
pwnCheck
Password pwn check.
This program is a graphical user interface for checking pwned passwords, it's writen with python and pyQT4. Program calculates password hash and then searches for matches with first 5 symbols (prefix) in https://api.pwnedpasswords.com, then full hash match is found localy on users PC. -
20
WiFi-Pumpkin
WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP Poisoning, DNS Spoofing, Pumpkin-Proxy, and image capture on the fly. moreover, the WiFi-Pumpkin is a very complete framework for... -
21
RouterSploit
Exploitation Framework for Embedded Devices
RouterSploit is an open-source exploitation framework focused on embedded devices such as routers, cameras, and IoT gadgets. It offers modules for exploits, scanners, and credentials testing, making it a valuable tool for security professionals and researchers. Inspired by Metasploit, it provides a CLI for executing attacks, testing device vulnerabilities, and simulating real-world exploitation scenarios in a legal and ethical manner. -
22
MacPassGen
Password generator for Mac OS X written in Objective Python.
There are many password management applications out there, but they all lack a password generator which can create passwords a human can remember easily. PassGen fills this gap with a wide variety of possible password it can create. Among passwords consisting of random letters, numbers and punctuations it can also generate mnemonic passwords consisting of words, numbers and punctuations. These kind of password are also hard to guess, but much more easy to remember for a human brain. -
23
httpshell is an interactive https command exploit to test the perimeter security of your network. This is a customized HTTPS encrypted reverse shell. It illustrates how easy to bypass any perimiter firewall and IPS by simply encrypting the data. To list all connecting clients: sulod -l To interact with existing client sessions: sulod -i <number> by Nelson Maligro
-
24
squirreldns
simple way to show your current ip to the world
simple way to login to a flask server and set your ip address so that others can communicate with you. Also has basic function to allow failover of nodes -
25
Steganograph
Hide your text message's inside a image
This software let's you hide text message's inside a image .
