30 open-source projects similar to sqlmapproject/sqlmap, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Sqlmap alternative.
Commix is an automated tool for detecting and exploiting OS command injection vulnerabilities in web applications. It probes user-supplied input vectors with heuristic test payloads, analyzes response differences to identify injection points, and then automates the execution of arbitrary operating system commands on the target server. The tool distinguishes itself through a multi-layer filter bypass engine that evaluates input constraints independently per filter type and composes tailored evasion strategies into a single payload. A modular payload tamper pipeline transforms raw injection str
XSStrike is an automated security scanning engine designed for web application discovery, input
OWASP ZAP is a dynamic application security testing tool and intercepting HTTP proxy used to find vulnerabilities in web applications. It functions as a penetration testing framework that enables both automated security scanning and manual security testing of running web services. The tool provides a suite of capabilities for analyzing web applications from the outside in, including the ability to capture and modify traffic between a browser and a target application. It is designed to integrate into DevSecOps pipelines to provide consistent security checks across different environments.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Automated NoSQL database enumeration and web application exploitation tool.
Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific exe
w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
XSStrike is a security tool designed to detect cross-site scripting vulnerabilities through parameter fuzzing and web response analysis. It functions as a web application fuzzer and vulnerability scanner that identifies injection points and security flaws. The project includes a specialized utility for detecting blind XSS, where payloads execute asynchronously or on separate pages. It also features a JavaScript library auditor to identify outdated libraries with known vulnerabilities and a dedicated tool for identifying and bypassing web application firewalls using various evasion techniques.
The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to
WPScan is a security analysis utility and vulnerability scanner designed specifically for auditing WordPress installations and other content management systems. It functions as a web application security tool that identifies misconfigurations, outdated software, and security holes in core installations, plugins, and themes. The tool employs black-box scanning techniques to perform site component enumeration, identifying users, themes, and plugins by matching known file paths and response signatures. It matches these detected components against a database of known security flaws to analyze the
ExploitDB is a curated archive of exploit code and vulnerability data designed for penetration testing and security research. It serves as an offensive security knowledge base and a repository of publicly available proof-of-concept code used to validate software flaws. The project provides a searchable collection of historical and current exploit vectors. It supports security threat intelligence by tracking public releases and aids in vulnerability research by providing a reference library for analyzing how specific systems can be compromised. The archive is managed through a curated input p
Sherlock is a command-line automation tool designed to orchestrate software build, execution, and deployment workflows. It functions as an ephemeral runtime orchestrator that executes applications directly from source code, bypassing the need for persistent system-wide installations or manual dependency management. By providing a unified, containerized development environment, it ensures that application dependencies and infrastructure configurations remain consistent across diverse host operating systems. The project distinguishes itself through its ability to synthesize container images dec
Nikto is an open-source HTTP security auditing tool and web server vulnerability scanner. It functions as a reconnaissance engine designed to identify insecure server options, outdated software, and common vulnerabilities by analyzing HTTP responses. The project differentiates itself through capabilities for intrusion detection evasion and web server fingerprinting. It uses request-level encoding and timing spacers to bypass security filters and employs signature-based identification to determine specific server software versions and misconfigurations. The scanner covers broad capability are
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
SecLists is a centralized library of security assessment data designed to support vulnerability discovery and penetration testing. It functions as a comprehensive repository of wordlists, payloads, and testing methodologies used to audit software, firmware, and internet-connected hardware for technical vulnerabilities. The project distinguishes itself through a standardized taxonomy and a language-agnostic data format, which allows security tools to predictably ingest and utilize its assets regardless of the underlying programming environment. By decoupling raw testing data from execution log
Dalfox is an automated web application security tool specifically designed for discovering and verifying cross-site scripting vulnerabilities. It functions as an XSS vulnerability scanner that analyzes HTTP parameters and DOM structures to identify reflected, stored, and blind injection points. The project distinguishes itself by providing a Model Context Protocol server and a REST API, allowing artificial intelligence agents and remote interfaces to trigger and manage security scans programmatically. It utilizes a payload mutation engine and fingerprinting strategies to execute WAF evasion t
The Social-Engineer Toolkit is a social engineering framework and penetration testing suite designed to simulate human-centric security attacks. It serves as a phishing simulation tool and credential harvesting utility to evaluate personnel awareness and organizational resilience. The toolkit provides specialized tooling for phishing campaign testing and credential theft simulation. It enables the creation of deceptive emails and landing pages to identify vulnerabilities in how users handle sensitive account information. The system includes capabilities for security awareness training and br
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol manipulation. It functions as a gateway that intercepts, inspects, and modifies network traffic in real-time, supporting HTTP, HTTPS, WebSocket, DNS, and generic TCP or UDP streams. By acting as a trusted certificate authority, the proxy can dynamically generate and sign certificates to decrypt and analyze secure TLS-encrypted connections. The project distinguishes itself through a highly extensible, event-driven architecture that allows users to automate traffic transformation using cust
Cyclops is a browser with built-in XSS detection capability.
recon-ng is an open source intelligence reconnaissance framework designed to automate the collection and aggregation of public information. It is a modular intelligence tool that utilizes a system of pluggable modules to harvest target data, resolve DNS queries, and parse web content. The framework is built as an API-driven tool with a programmatic interface to integrate with other security workflows. It is provided as a containerized application, using Docker to ensure a consistent environment for running reconnaissance tasks and managing a persistent data store. Its capabilities cover exte
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Bjorn is a penetration testing framework that automates network scanning, credential brute-forcing, vulnerability assessment, and data exfiltration, all coordinated through an event-driven task pipeline and controlled via a web-based dashboard. Its modular plugin architecture allows independent security modules to be loaded and chained together, with an asynchronous network scanner discovering live hosts and open ports without blocking the main execution flow. The framework distinguishes itself by integrating a credential brute-force engine that systematically attempts login combinations agai
Routersploit is a penetration testing framework designed for the security assessment of embedded network devices and routers. It functions as a comprehensive tool for auditing hardware configurations and testing network protocols to identify and verify security vulnerabilities. The framework utilizes a modular plugin architecture that allows for the dynamic loading of exploit and scanner modules. It provides a centralized command interface that manages target state and executes controlled payloads, enabling the automation of security testing across diverse network hardware. The platform cove
CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize
PentestGPT is an autonomous security testing framework that leverages large language models to plan, execute, and coordinate end-to-end penetration testing engagements. By functioning as an autonomous agent, the system automates the entire testing lifecycle, from initial reconnaissance and vulnerability analysis to the generation of custom exploits and the execution of post-exploitation tasks. The platform distinguishes itself through a multi-agent orchestration system that coordinates specialized AI agents to collaborate on complex, multi-stage attack chains. It integrates multimodal context
Pacu is an exploitation framework designed for auditing and testing the security of Amazon Web Services environments. It serves as a cloud penetration testing tool and resource enumerator used to identify misconfigurations, map attack surfaces, and execute privilege escalation paths. The framework provides specialized capabilities for post-exploitation and red team operations, including establishing persistence through identity and access management backdooring. It distinguishes itself with a plugin-based module system that allows for the development of custom tasks and the orchestration of A
AllHackingTools is a security tool orchestrator and suite designed to install, update, and manage a wide array of third-party hacking and security utilities from a single command interface. It functions as a centralized hub for network analysis, open source intelligence, penetration testing, and social engineering tools. The project provides specialized frameworks for gathering open source intelligence and searching for user profiles across social platforms. It includes toolkits for network reconnaissance, vulnerability scanning, and the execution of security exploits, as well as a social eng