Penetration Testing Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
Alternatives To Penetration Testing Tools
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Pytest10,64113,25613 hours ago162June 23, 2023837mitPython
The pytest framework makes it easy to write small tests, yet scales to support complex functional testing
4 days ago51cc-by-sa-4.0Dockerfile
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Bandit5,4861,1775834 days ago36March 10, 2023198apache-2.0Python
Bandit is a tool designed to find common security issues in Python code.
3 days ago95April 25, 2021309apache-2.0Go
syzkaller is an unsupervised coverage-guided kernel fuzzer
Mobileapp Pentest Cheatsheet4,158
3 days ago13
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
2 days ago36apache-2.0C
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
6 days ago20bsd-3-clausePython
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Manticore3,5351116 days ago1,027August 14, 2023264agpl-3.0Python
Symbolic execution tool
Suricata3,49112 days ago4January 31, 202362gpl-2.0C
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
2 months ago5otherPython
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Alternatives To Penetration Testing Tools
Select To Compare

Alternative Project Comparisons

A collection of my Penetration Testing Tools, Scripts, Cheatsheets

This is a collection of more than a 160+ tools, scripts, cheatsheets and other loots that I've been developing over years for Penetration Testing and IT Security audits purposes. Most of them came handy at least once during my real-world engagements.

Notice: In order to clone this repository properly - use --recurse-submodules switch:

git clone --recurse

Most of these files were initially shared on my Gists but eventually got moved into this repository.

Every time I stumbled upon a problem that could be better scripted or resolved programatically - I made effort to do just that and thus improve my technical assurance capabilities or to optimize time spent on repetitive actions during projects I've been delivering.

The collection is divided further onto following sections:

  • clouds - Tools I came up with during my cloud assessments
  • file-formats - file-format related utilities, fuzzers and alike.
  • linux - small bunch of Linux-based scripts and tools.
  • networks - Network devices & protocols Penetration Testing toolery
  • others - Others related somehow to this craftmanship
  • phishing - Scripts and tools used to deliver Phishing Awareness and Red Team simulations
  • red-teaming - Lots of toolings I've been using during my Purple/Red-Teaming engagements
  • web - Web applications security assessment related utilities.
  • windows - Windows goodies, scripts, exploits.

The base of these tools do not contain any customer/client related sensitive information as well as there are no engagement-specific tools developed as PoCs.

☕ Show Support ☕

This and other projects are outcome of sleepless nights and plenty of hard work. If you like what I do and appreciate that I always give back to the community, Consider buying me a coffee (or better a beer) just to say thank you! 💪

Mariusz Banach / mgeeky, (@mariuszbit)
<mb [at]>
Popular Security Projects
Popular Testing Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Penetration Testing
Social Engineering