30 open-source projects similar to mozilla/http-observatory, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Http Observatory alternative.
An API for escaping different kind of queries
An observatory for TLS configurations, X509 certificates, and more.
Android library to verify the safety of user devices. Make sure that API calls from your app can be trusted. Instantly detect rooted devices, emulators, cloned apps, and other risk factors.
A simple public API that generates random password
Free bot detection library that runs in the browser. Detects automation tools and frameworks. No server required, runs 100% on the client. MIT license, no usage restrictions.
A curated list of awesome malware persistence tools and resources.
A curated list of annual cyber security reports
Gobuster is a command-line security utility designed for brute-force discovery of hidden infrastructure and content. It operates by systematically testing wordlists against target network services to identify files, directories, subdomains, and cloud storage buckets. The tool utilizes a concurrent worker pool to execute these requests in parallel, ensuring efficient scanning across various network environments. The project distinguishes itself through a modular plugin architecture that supports multiple discovery modes, including HTTP, DNS, and TFTP. This design allows for protocol-agnostic r
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
mkcert is a command-line utility designed to simplify local development by generating and managing locally-trusted development certificates. It creates a unique, self-signed root certificate authority on the local machine, which serves as a trusted source for issuing development credentials. By automating the generation of these certificates, the tool enables secure encrypted connections that browsers and operating systems accept without security warnings. The utility distinguishes itself by automatically configuring local trust stores, programmatically injecting the generated root certificat
Impacket is a collection of Python classes designed for the construction, manipulation, and analysis of low-level network packets and services. It functions as a framework for building custom network tools, providing a programmatic interface to interact with communication protocols and service architectures. The library provides primitives for managing authentication, session state, and remote procedure calls within network environments. By offering a modular class hierarchy, it allows for the assembly of network packets and the implementation of specialized communication stacks. The project
🚗 A curated list of resources for learning about vehicle security and car hacking.
A curated list of awesome Fuzzing(or Fuzz Testing) for software security
:unlock::sunglasses: A curated list of awesome guides, tools, and other resources related to the security and compromise of locks, safes, and keys.
This project is a comprehensive, community-curated directory of cybersecurity resources, tools, and educational materials. It functions as a centralized index for researchers and students to discover frameworks and utilities across the entire security lifecycle, ranging from initial vulnerability assessment to post-exploitation analysis. The repository distinguishes itself through a hierarchical taxonomy that organizes diverse security disciplines into a searchable, version-controlled knowledge base. Rather than hosting software directly, it utilizes a decentralized aggregation model that lin
Browsh is a text-based web browser and headless browser frontend that renders modern websites and web applications within a terminal emulator. It functions as a TTY web browser, allowing users to view and interact with complex web content directly from a command line interface. The project enables web navigation in environments where a graphical user interface is unavailable, such as when accessing a remote server via SSH or operating in low-bandwidth conditions. It translates browser pixels and colors into ANSI escape codes to simulate a graphical interface using text characters. The system
:key: Simple API for enrypting/decrypting text messages
Bombardier is a concurrent HTTP load generator and performance benchmarking tool written in Go. It functions as a latency distribution analyzer and benchmarking utility designed to measure the throughput and response speed of HTTP services by simulating high-volume request loads. The tool provides specific capabilities for TLS benchmarking, supporting client certificate authentication and the ability to bypass server certificate verification. It distinguishes itself through the use of a token-bucket algorithm for precise request rate limiting and the use of templates to export benchmark resul
:computer: :coffee: List of Awesome Hacking Locations, organised by Country and City, listing if it features power and wifi
OpenID Connect, the authentication protocol and identity layer on top of OAuth 2.0 used in many SSO and adopted in many social logins (Apple, Facebook, Google, ...etc). Find this curated list of providers, services, libraries, and resources to adopt it and know more about existing specs.
This project is a comprehensive directory of software utilities, frameworks, and educational resources designed for cybersecurity competitions and offensive security research. It serves as a centralized index for tools used in cryptography, forensics, reverse engineering, and web exploitation, while providing structured materials for training and skill development. The repository distinguishes itself through a community-driven maintenance model that aggregates and organizes technical resources into a searchable, hierarchical structure. It facilitates knowledge transfer by cataloging expert pr
wrk2 is a high-performance HTTP benchmarking tool and constant throughput load generator. It is designed to measure server stability and throughput by sending a fixed number of requests per second, functioning as a high-resolution latency profiler and a Lua-scriptable performance tester. The tool distinguishes itself through a scriptable interface that uses a high-performance just-in-time compiler to define complex request formats and custom response reporting logic. It employs high-resolution histograms to capture precise response time distributions and high-percentile latency data. The pro
RustScan is a high-speed network reconnaissance tool designed for automated port discovery and service enumeration. It functions as an automated vulnerability scanner that identifies open ports and active services across network environments, providing a foundation for mapping attack surfaces and gathering intelligence on target systems. The tool distinguishes itself through its ability to dynamically adjust scanning parameters and concurrency in real-time based on system feedback, ensuring efficient performance while preventing network congestion. It features an extensible architecture that
🕶 A high-level overview of the EVM security ecosystem
A curated list of security card games.
Certbot is a command-line client designed to automate the lifecycle of digital security certificates. By implementing the ACME protocol, it manages the communication between a local server and a certificate authority to verify domain ownership and issue transport layer security certificates without manual intervention. The tool distinguishes itself through a modular plugin architecture that allows it to interact directly with various web server configurations and DNS providers. This framework enables the software to perform automated domain validation, modify server settings, and configure vi