30 open-source projects similar to bitthebyte/eagle, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Eagle alternative.
CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize
Flan is a containerized network vulnerability scanner and security auditor. It identifies open ports and service versions across a network to detect known security weaknesses and misconfigurations. The system is designed to run within isolated container environments, utilizing configuration maps to manage target lists and secrets. It includes a dedicated mechanism for archiving scan output files and security analysis data to remote S3 buckets for long-term storage. The tool generates formatted vulnerability summaries and security reports in multiple document formats for technical analysis. I
Find exploits in local and online databases instantly
Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan
Arachni is a dynamic application security testing vulnerability scanner and web application security tool. It functions as a distributed web audit framework that performs active and passive audits to identify security flaws such as SQL injection and cross-site scripting. The project features a JavaScript-aware web crawler that executes scripts and monitors DOM changes to analyze modern dynamic web applications. It utilizes server platform fingerprinting to target compatible security payloads and provides a grid-based system to distribute scanning workloads across multiple nodes. The tool cov
Scan your code for security misconfiguration, search for passwords and secrets. :mag:
*本软件仅限用于学习交流禁止用于任何非法行为 本软件为burpsuite的一个插件,实验作品只是为插件开发做一个实验。使用burpsuite提供的API很少,希望抛砖引玉fork指正。 本版本支持elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行及文件上传 struts2-005、 struts2-009、struts2-013、struts2-016、struts2-019、struts2-020、struts2-devmode、 struts2-032、struts2-033、…
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248. This extension is based on the original exploit tool written by Paul Taylor (@bao7uo) which is available at https://github.com/bao7uo/dp_crypto. Credits and big thanks to him.
Xray is a security assessment tool focused on web vulnerability scanning, attack surface mapping, and technology fingerprinting. It identifies common security flaws through automated scanning and semantic analysis, while verifying findings via a custom proof-of-concept execution engine. The system distinguishes itself with a containerized vulnerability testbed used to deploy pre-configured vulnerable applications. This environment allows for the simulation of specific vulnerabilities and edge-case scenarios to validate scanner accuracy and eliminate false positives. The platform covers a bro
Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack
OWASP PTK - application security browser extension.
SuperSerial - Burp Java Deserialization Vulnerability Identification
SuperSerial-Active - Java Deserialization Vulnerability Active Identification Burp Extender
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Dangerously fast dns/network/port scanner, all-in-one.
自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!
weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883
Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
GNU GENERAL PUBLIC LICENSE Version 2, June 1991