Search Results for "tool" - Page 5
Sort By:
Showing 200 open source projects for "tool"
View related business solutions-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
1
FavFreak
Favicon hash–based reconnaissance tool for security research
FavFreak is an open source reconnaissance tool designed to assist security researchers, bug bounty hunters, and penetration testers in identifying web technologies using favicon hashes. It works by taking one or more URLs as input and automatically retrieving the favicon.ico file associated with each target website. After fetching the favicon, it calculates a hash value and organizes the scanned domains, subdomains, or IP addresses according to these hashes. -
2
gasmask
All-in-one OSINT tool for reconnaissance and domain intelligence
GasMasK is an open source OSINT (Open Source Intelligence) tool designed to perform reconnaissance and information gathering on domains and online targets. It is implemented as a Python-based command-line utility that collects data from numerous publicly available sources across the internet. It aggregates intelligence such as domain details, email addresses, hostnames, and subdomains by querying search engines, DNS records, certificate transparency logs, and security databases. ... -
3
mongoaudit
A powerful MongoDB auditing and pentesting tool
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro! ... -
4
cintruder
CIntruder - OCR Bruteforcing Toolkit
Captcha Intruder is an automatic pentesting tool to bypass captchas. -> CIntruder-v0.4 (.zip) -> md5 = 6326ab514e329e4ccd5e1533d5d53967 -> CIntruder-v0.4 (.tar.gz) ->md5 = 2256fccac505064f3b84ee2c43921a68 -------------------------------------------- -
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
5
DNSGen
Intelligent DNS permutation tool for subdomain discovery
DNSGen is an open source DNS name permutation tool designed primarily for security researchers and penetration testers who need to discover potential subdomains during reconnaissance and attack surface mapping. It analyzes existing domain names and generates numerous intelligent variations that may represent valid subdomains within an organization’s infrastructure. These generated permutations help identify hidden or unlisted services that may not appear in standard DNS queries or public records. ... -
6
AttackSurfaceMapper
Automated tool for mapping & expanding organization’s attack surface
AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new subdomains, associated IP ranges, and hosts within the same network ownership. ... -
7
WhatWaf?
Detect and bypass web application firewalls and protection systems
WhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. -
8
VulnX
Intelligent Bot, Shell can achieve automatic injection
...Instead of injecting each and every shell manually as all the other tools do, VulnX analyses the target website checking the presence of a vulnerability if so the shell will be Injected by searching URLs with the dorks Tool. Detects CMS (wordpress, joomla, prestashop, drupal, opencart, magento, lokomedia). -
9
King Phisher
Phishing Campaign Toolkit
King Phisher is an open source tool that can simulate real world phishing attacks. It has an easy-to-use, flexible architecture that allows for full control over both emails and server content. It is useful for running awareness campaigns and training, and can only be used for legal applications when the explicit permission of the targeted organization has been obtained. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Fav-up
Look up IP addresses using favicon hashes via Shodan
...This technique is commonly used in security research and OSINT investigations to discover related infrastructure or services that may belong to the same organization. fav-up can retrieve favicon data from several sources, including local files, direct favicon URLs, or full web pages where the favicon is automatically extracted. fav-up then computes the favicon hash and performs Shodan queries to locate IP addresses that match the same hash. To support larger investigations, the tool can iterate over lists of URLs, domains, or favicon files in bulk. Results can be printed to the console or exported into structured formats such as CSV or JSON for further analysis and reporting. -
11
Buster
OSINT tool for discovering information linked to email addresses
Buster is an open source OSINT tool designed for email reconnaissance and information gathering. It helps investigators, security researchers, and penetration testers discover publicly available information related to email addresses and usernames. It can analyze an email address to identify associated social media accounts, references across the web, and potential data breaches linked to that email. -
12
CTS Surveyor
Foot traffic and facial analytics for your business and home
Surveyor is a software solution that monitors its environment via camera and gathers demographic information about the public in the surrounding area, providing important statistics such as number of people passing by as well as providing facial analytics to classify the pedestrians based on their age and gender. The statistical data is stored in a local database and is made available via RESTful API’s, and easy integration with other applications can be accomplished via a WebSocket... -
13
Photon
Incredibly fast crawler designed for OSINT
...Photon is commonly used during early reconnaissance phases to build a comprehensive inventory of reachable assets. Its Python implementation makes it accessible for customization and integration into larger automation frameworks. Despite its speed focus, the tool still provides useful filtering and extraction capabilities for analysts who need structured results. Overall, Photon functions as a lightweight yet powerful reconnaissance spider for web intelligence gathering. -
14
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
...Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted fuzzing on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. The tool is highly configurable and anybody can trivially create simple plugins or add new tests in the configuration files without having any development experience. OWTF is developed on KaliLinux and macOS but it is made for Kali Linux (or other Debian derivatives). -
15
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. -
16
RouterSploit
Exploitation Framework for Embedded Devices
RouterSploit is an open-source exploitation framework focused on embedded devices such as routers, cameras, and IoT gadgets. It offers modules for exploits, scanners, and credentials testing, making it a valuable tool for security professionals and researchers. Inspired by Metasploit, it provides a CLI for executing attacks, testing device vulnerabilities, and simulating real-world exploitation scenarios in a legal and ethical manner. -
17
RCPnet
A multi-tool for network pen-testing written in python.
A multi-tool for network pen-testing written in python. It contains effective ping functions, hostname traceroute, and cloudflare detection. This is a modification from the FoxNuke Project, which only intended to be a DOS tool for network pen testing. Contact me [main admin] at leyvarosnel@gmail.com -
18
tinfoleak
OSINT tool for extracting and analyzing Twitter intelligence data
tinfoleak is an open source intelligence (OSINT) and social media intelligence (SOCMINT) tool designed to automate the collection and analysis of data from Twitter. It focuses on helping analysts extract large volumes of information from Twitter timelines using identifiers such as usernames, geographic coordinates, or keywords. Once the data is gathered, tinfoleak organizes it into structured information that can support intelligence analysis and investigative research. tinfoleak is capable of analyzing user activity, relationships, and behavioral patterns to reveal insights about accounts and their interactions on the platform. ... -
19
leet
Leet is CCEx's software application for on-the-fly encryption (OTFE).
The name leet stands for "Linux exquisite encryption tool", it will be a software application for on-the-fly encryption, similar in its functionality to TrueCrypt. The goal of leet however is to be simpler and as user friendly as possible, making encryption and securing of information accessible to anybody, even those who don't necessarily have any prior knowledge of data securing, algorithms and encryption. -
20
pydictor
powerful and useful hacker dictionary builder for a brute-force attack
...You can use pydictor to generate a general blast wordlist, a custom wordlist based on Web content, a social engineering wordlist, and so on; You can use the pydictor built-in tool to safe delete, merge, unique, merge and unique, count word frequency to filter the wordlist, besides, you also can specify your wordlist and use '-tool handler' to filter your wordlist. You can generate highly customized and complex wordlists by modifying multiple configuration files, adding your own dictionary, using leet mode, filter by length, char occur times, types of different char, regex, and even add customized encode scripts in /lib/encode/ folder, add your own plugin script in /plugins/ folder, add your own tool script in /tools/ folder. -
21
DeID Tool
De-Identification tool to remove sensitive data
This tool converts pipe separated text data into a csv file and also removes all the patient related sensitive data. It takes raw data as input from a text file and process the data thereby, generates a csv file. -
22
safelock
Basic AES files encryption tool
Simple drag & drop file encryption tool. based on python and uses PyCrypto to encrypt the inputted files with AES encryption. Then sqlite database file is generated with a unique key to store the encrypted files and folders in binary blobs for later decryption. -
23
SpiderFoot
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you. -
24
FoxNuke
A Proffesional Stress-Testing(ddos) tool for pentesters
The FoxNuke program is written in python and uses Firefox in order to complete the distributed denial of service attack feature. Multiple headers are used from the Firefox browser, along with a personal configuration option for the Opera browser. The FoxNuke Program is still underdevelopment as of 8/24/17, full release is set to come out sometime during 2017-2018. If you would like to participate in the TESTING of this program and would like to help report bugs, etc. then please email... -
25
Felix Hash Tool
File Integrity Check Program
File Integrity Check Program.
