Search Results for "attack" - Page 3
Sort By:
Showing 248 open source projects for "attack"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
1
Anya
A malware analysis platform built in Rust
Anya is a privacy-first static malware analysis tool for Windows, Linux, and macOS. It combines PE, ELF, and Mach-O binary analysis with MITRE ATT&CK mapping, confidence-based risk scoring, and plain-English explanations. All offline, with zero network calls. Built for analysts and students alike, it ships as both a CLI and a desktop GUI. -
2
Wifipumpkin3
Powerful framework for rogue access point attack
wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. -
3
Digna Web Scanner
A tool to check web apps for vulnerabilty
...Insecure Direct Object References (IDOR): Scans for vulnerabilities that might enable attackers to access unauthorized data by manipulating direct object references. Open Ports: Detects open ports on the target web server to understand its potential attack surface. Content Security Policy (CSP): Checks if the website has a properly configured CSP to mitigate XSS and other injection RCE -
4
usb-guard
Turn any USB flash drive into a master key for your PC
USB Guard is an advanced workstation security solution for Windows that turns USB drives into physical authentication keys using native Windows Kernel APIs. - Zero-Trust Security: Validates unique hardware serial numbers through direct Kernel API calls, ensuring only authorized USB drives can unlock your PC. - Brute-Force Protection: Exponential delay penalties after failed unlock attempts prevent automated attacks. - High-Fidelity Lock Screen: Glassmorphism aesthetics with... -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
GmSSL
Password toolbox that supports national secret
GmSSL is an open source library of domestic commercial ciphers independently developed by Peking University. It realizes comprehensive functional coverage of national secret algorithms, standards, and secure communication protocols. It supports mainstream operating systems and processors including mobile terminals, and supports cryptographic keys, Cipher cards and other typical domestic cryptographic hardware provide feature-rich command line tools and multiple compiled language programming... -
6
Infection Monkey
Infection Monkey is a automated security testing tool for networks
Infection Monkey is a open source automated security testing tool for testing a network's security baseline. Monkey is a tool that infects machines and propagates and Monkey Island is the server for an administrator to control and visualize progress of Infection Monkey. -
7
paramspider
Mine parameterized URLs from web archives for security testing
ParamSpider is an open source command-line tool designed to discover URLs that contain parameters by mining historical data from web archives such as the Wayback Machine. It helps security researchers, penetration testers, and bug bounty hunters collect potential attack surfaces by automatically gathering archived URLs related to a specific domain. Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ... -
8
BloodHound Legacy
Six Degrees of Domain Admin
BloodHound Legacy is the deprecated open‑source version of the BloodHound Active Directory attack path analysis tool. It uses graph theory to model and visualize privileged relationships in AD, Entra ID, and Azure environments. Security professionals use it to enumerate domain privilege escalation paths, misconfigurations, and attack surfaces in corporate networks -
9
DeepBlueCLI
PowerShell Module for Threat Hunting via Windows Event Logs
...The codebase includes helpers for command-line decoding and de-obfuscation (automatic base64/deflate handling), safelisting/hash workflows (DeepBlueHash), and sample EVTX files so teams can test the tool on realistic attack traces. -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
Good Man in the Middle
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP(S) requests and responses, supports JavaScript. -
11
sqlid
SQL Injection Detector Modules Program for preventing SQL Injection
SQLID-URAC (SQL Injection Detector using Regex & Aho-Corasick) Current Version: v.3.0.1.8d SQL Injection Detector using Regex and Aho-Corasick algorithm for preventing SQL Injection attack. -
12
DDoS/Dos Attack Simulator
Distributed Denial of Service Attack Simulator
DDoS/DoS Attack Simulator is powerful Python-based software used for attacking servers, hosts, and websites using traffic. It disrupts the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. A server that does not have protection against it can experience extremely slow performance due to all of the traffic it sends. -
13
Udp2raw-tunnel
Turns UDP traffic into encrypted UDP/fakeTCP/ICMP traffic
A tunnel which turns UDP traffic into encrypted fakeTCP/UDP/ICMP traffic by using Raw Socket, helps you bypass UDP FireWalls(or unstable UDP environment). When used alone, Udp2raw tunnels only UDP traffic. Nevertheless, if you used udp2raw + any UDP-based VPN together, you can tunnel any traffic(include TCP/UDP/ICMP), currently, OpenVPN/L2TP/ShadowVPN and tinyfecVPN are confirmed to be supported. Linux host (including desktop Linux,Android phone/tablet,OpenWRT router,or Raspberry PI) with... -
14
ISB
ISB (I'm so bored) is a network stress-testing application for Windows
ISB (I'm so bored) is a network stress-testing application for Windows created by byte[size] Software byte[size] Software: https://github.com/softbytesize Frontpage: https://softbytesize.github.io/ISB/ Support: https://softbytesize.github.io/ISB#cu Documentation: https://softbytesize.github.io/ISB/#helpstart Releases: https://github.com/softbytesize/ISB-Releases/releases Discord: https://discord.com/invite/9YNzrXDHxE -
15
Shennina
Automating Host Exploitation with AI
...Shennina scans a set of input targets for available network services, uses its AI engine to identify recommended exploits for the attacks, and then attempts to test and attack the targets. If the attack succeeds, Shennina proceeds with the post-exploitation phase. The AI engine is initially trained against live targets to learn reliable exploits against remote services. Shennina also supports a "Heuristics" mode for identfying recommended exploits. -
16
Confused
Tool to check for dependency confusion vulnerabilities
...It will proceed to report all the package names that are not found in the public repositories - a state that implies that a package might be vulnerable to this kind of attack, while this vector has not yet been exploited. -
17
vulnerable-AD
Create a vulnerable active directory
...A convenience wrapper and examples make it straightforward to deploy in a local lab: you can install AD services, run the script on a domain controller, and generate hundreds of vulnerable accounts and conditions for testing. The repository emphasizes full coverage of the listed attack types and includes options to randomize which weakness -
18
-
19
OneForAll
OneForAll is a powerful subdomain collection tool
...The tool is particularly notable for incorporating many Chinese data sources that are often missed by Western-focused recon tools, increasing discovery coverage. It supports brute-force subdomain discovery, recursive scanning, and takeover detection to help identify potential attack surfaces. OneForAll also performs validation and enrichment of discovered domains, producing structured outputs for further analysis. Overall, it is a powerful asset discovery platform designed to maximize subdomain visibility during security assessments. -
20
Command Line
Your Personal Hacking Terminal.
Command Line is an Open-Source Software for Pentesters and Ethical Hackers it contains many Functionalities which helps Ethical Hackers. It is CLI Based Application use for checking Networks and IP's it also supports functionalities like downloading Packages from Internet Including YouTube.It is also used for Port scanning, IP-Finding it is also useful for checking ping and net speed with the functionality of scanning the net speed by selecting the best server. It also has Host IP finding... -
21
Hakrawler
Fast Go web crawler for discovering URLs and web app endpoints
...It is primarily used during the reconnaissance phase of security testing, bug bounty hunting, and penetration testing. It works by automatically crawling web pages and extracting links, JavaScript file locations, and other resources that may reveal additional attack surface or hidden functionality. hakrawler is implemented as a simple and efficient crawler using the Gocolly library, which allows it to perform fast and concurrent crawling of web pages. It accepts URLs through standard input, making it easy to integrate into command-line pipelines with other security tools. This workflow enables researchers to combine it with subdomain enumeration, HTTP probing, and vulnerability scanning utilities to automate reconnaissance processes. hakrawler can follow links within a website and optionally include subdomains. -
22
Hetty
An HTTP toolkit for security research
Hetty is an HTTP toolkit for security research. It aims to become an open-source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty communities. Machine-in-the-middle (MITM) HTTP proxy, with logs and advanced search. HTTP client for manually creating/editing requests, and replay proxied requests. Intercept requests and responses for manual review (edit, send/receive, cancel) Scope support, to help keep work... -
23
Kubernetes External Secrets
Integrate external secret management systems with Kubernetes
...An ExternalSecret declares how to fetch the secret data, while the controller converts all ExternalSecrets to Secrets. The conversion is completely transparent to Pods that can access Secrets normally. By default Secrets are not encrypted at rest and are open to attack, either via the etcd server or via backups of etcd data. -
24
UltraDDOS-v2
DDOS tool
One of the most overpowered DDOS weapon on the internet. This software is mainly for pen testing websites or servers. -
25
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
...While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. When running an exploit, it will practice the organization's cyber event management, which doesn't happen when scanning for cluster issues. ...
