We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
amass - In-depth subdomain enumeration written in Go
Amass is now an OWASP project and the OWASP GitHub organization repository is where all further development and releases will take place.
dns subdomain enumeration recon maltego owaspNoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.
NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database. Originally authored by @tcsstool and now maintained by @codingo_ NoSQLMap is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap. Its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, "Abusing NoSQL Databases".
nosql nosql-databases penetration-testing scanner security-audit security-tools security-toolset offensive-security enumeration databases mongodb couchdb web-application-security bugbounty redis mongodb-database sql-injection hacking hacking-tool hacktoberfestReconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing
A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. This tool is based heavily upon the work made public in Mike Czumak's (T_v3rn1x) OSCP review (link) along with considerable influence and code taken from Re4son's mix-recon (link). Virtual host scanning is originally adapted from teknogeek's work which is heavily influenced by jobertabma's virtual host discovery script (link). Further Virtual Host scanning code has been adapted from a project by Tim Kent and I, available here (link).
oscp penetration-testing scanner security security-audit security-tools security-scanner offensive-security nmap enumeration scanning kali-linux service-enumeration services-discovered discover-services range snmp hacking hacking-tool virtual-hostsRaccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning
Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.
reconnaissance scanner vulnerability-assessment vulnerability-scanner enumeration pentesting pentest-tool hacking-tool offensive-security security-scanner fuzzing information-gathering hacking raccoon osintsubfinder - SubFinder is a subdomain discovery tool that discovers valid subdomains for websites
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and has been aimed as a successor to sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then it uses a permutation module inspired by altdns to generate permutations and resolve them quickly using a powerful bruteforcing engine. It can also perform plain bruteforce if needed. The tool is highly customizable, and the code is built with a modular approach in mind making it easy to add functionalities and remove errors. We have designed SubFinder to comply with all passive sources licenses, and usage restrictions, as well as maintained a consistently passive model to make it useful to both penetration testers and bug bounty hunters alike.
subdomain subdomain-enumeration subdomain-bruteforcing bruteforcing hacking bug-bounty penetration-testing reconaissance subdomain-scanner enumeration discover-services hacking-tool security-tools security-audit security-scanner subdomain-brute subdomain-takeover osint osint-resources pentestingferoxbuster - A fast, simple, recursive content discovery tool written in Rust.
feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application, but are still accessible by an attacker.
web enumeration pentest hacktoberfest content-discovery url-bruteforcer pentesting-toolkernelpop - kernel privilege escalation enumeration and exploitation framework
both of the binary build steps should create a binary kernelpop in the project root.
enumeration kernel exploits vulnerabilities security toolsAWSBucketDump - Security Tool to Look For Interesting Files in S3 Buckets
This is a tool that enumerates Amazon S3 buckets and looks for interesting files. I have example wordlists but I haven't put much time into refining them.
s3-bucket penetration-testing bugbounty enumerationSpecializedEnum: a base class to allow enum-like behavior with arbitrary objects
This class uses readonly variables, reflection, generics, and an internal ordered list to provide behavior similar to that of an enum but with arbitrary objects or value types rather than only integer numeric types. Public static readonly variables can be added in the derived ...
code-snippet enum enumeration genericsEnumeration of objects Class Library C#
At core level in Java I like extension of traditional enum type permiting use as the elements instances of a class. The project implements the same idea by C# with some more advanced features like a set type with boolean operators extending idea of FlagsAttribute
attributes enum-objects enumeration generics named-members-sets-a reflectionpspy - Monitor linux processes without root permissions
pspy is a command line tool designed to snoop on processes without need for root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute. Great for enumeration of Linux systems in CTFs. Also great to demonstrate your colleagues why passing secrets as arguments on the command line is a bad idea. The tool gathers it's info from procfs scans. Inotify watchers placed on selected parts of the file system trigger these scans to catch short-lived processes.
ctf pentesting privesc enumerationEnum - Enumeration list for CakePHP 3
Enumeration list for CakePHP 3. For documentation, as well as tutorials, see the Docs directory of this repository.
cakephp cakephp-plugin cakephp3 enumerationenumerate_it - Enumerations for Ruby with some magic powers! 🎩
EnumerateIt helps you to declare and use enumerations in a very simple and flexible way. Enumerations are created as classes and you should put them inside app/enumerations folder.
enumeration rails ruby-enumerationsdirsearch - A Go implementation of dirsearch.
DirSearch takes an input URL ( -url parameter ) and a wordlist ( -wordlist parameter ), it will then perform concurrent HEAD requests using the lines of the wordlist as paths and files eventually bruteforcing folders and files on a web server. This project is copyleft of Simone Margaritelli and released under the GPL 3 license.
security-tools security-audit dirsearch dirbuster bruteforce wordlist enumeration information-gatheringenumjs - Type-safe enums in JavaScript
This is an attempt at realizing type-safe enums in JavaScript. I'm most familiar with the way enums work in Java, and so I modeled this library after that. JavaScript doesn't have true enums. Most workarounds to this problem involve using a map where the keys represent the enum constants, and the values are integers or string-representations of the enum constants. This is a convenient solution, but the main problem is that you don't really get any type-safety since the values are just regular JavaScript types. This means that you can't even do instanceof checks, and you have to resort to checking the value against all defined-values to see if it is valid. *In Java the method is actually called valueOf and that's what I named it here originally as well. However, JavaScript has its own valueOf method on objects that does something else entirely, and I didn't want to override that behavior.
enumjs node-enumjs enum enums enumeration type-safetyenumerations - Better Rails Enumerations
Rails plugin for Enumerations in ActiveRecord models. Attribute foreign_key you can pass as a String or a Symbol. Attribute class_name can be set as a String, a Symbol or a String.
enumeration gem railsOpenCVDeviceEnumerator - This repository contains a class that allows the enumeration of video and audio devices in order to get the device IDs that are required, for example to create a VideoCapture object inside OpenCV
This project contains a C++ class that allows the enumeration of devices using DirectShow in Windows, in order to select and obtain the ID that needs to be used with OpenCV when creating, for example, a VideoCapture object to grab frames from a camera. I decided to put this up as "How to get the ID of a device to use inside OpenCV?" is a question that pops up continuously. The maintainers of OpenCV don't include this functionality in the library because it is very operating system dependant. The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
opencv video-capture enumeration cpp inside-opencv directshowIntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer.
Intelligence and Reconnaissance Package/Bundle installer. IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies related to these programs as well it aims to be a comprehensive assistant in setting up your intelligence gathering environment. Below is an overview of the tools and utilities it will help you set up.
reconnaissance bash pentest pentesting recon threatintel osint installer install-script enumeration automation security security-toolsMIDA-Multitool - Bash script purposed for system enumeration, vulnerability identification and privilege escalation
Bash script purposed for system enumeration, vulnerability identification and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor.
privilege-escalation enumeration vulnerability-identification bash root exploitation pentest pentesting shell shell-script exploit bash-scriptSysEnum - Simple Bash script to retrieve basic system information.
Simple Bash script to retrieve basic system information including but not limited to; current user, IP Configuration, ARP table and running processes.
enumeration enum system bash
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
