Awesome Open Source
Awesome Open Source
Combined Topics
penetration-testing x

The Top 3,287 Penetration Testing Open Source Projects

Categories > Security > Penetration Testing
Awesome Hacking ⭐ 55,167
A collection of various awesome lists for hackers, pentesters and security researchers
most recent commit a month ago
Payloadsallthethings ⭐ 41,655
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
most recent commit a day ago
Sqlmap ⭐ 24,814
Automatic SQL injection and database takeover tool
most recent commit 16 hours ago
Awesome Hacking Resources ⭐ 12,385
A collection of hacking / penetration testing resources to make you better!
most recent commit a month ago
H4cker ⭐ 12,122
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
most recent commit 2 days ago
Ciphey ⭐ 10,728
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
total releases 50most recent commit 5 days ago
Pentesting Bible ⭐ 10,179
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
most recent commit 2 months ago
Hacker Roadmap ⭐ 9,530
A collection of hacking tools, resources and references to practice ethical hacking.
most recent commit a month ago
Owasp Mastg ⭐ 9,470
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
most recent commit 19 hours ago
Social Analyzer ⭐ 9,221
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
total releases 45most recent commit a month ago
Awesome Security ⭐ 8,865
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
most recent commit 4 days ago
Dirsearch ⭐ 8,627
Web path scanner
total releases 6most recent commit a day ago
Spiderfoot ⭐ 8,508
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
most recent commit 11 days ago
Resources For Beginner Bug Bounty Hunters ⭐ 7,895
A list of resources for those interested in getting started in bug bounties
most recent commit 2 months ago
Ffuf ⭐ 7,742
Fast web fuzzer written in Go
dependent packages 1total releases 18most recent commit 16 days ago
Awesome Web Security ⭐ 7,386
🐶 A curated list of Web Security materials and resources.
most recent commit 2 months ago
Juice Shop ⭐ 7,247
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
most recent commit 3 days ago
Rustscan ⭐ 7,238
🤖 The Modern Port Scanner 🤖
total releases 17most recent commit 4 days ago
Pupy ⭐ 6,898
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
most recent commit 7 months ago
Scanners Box ⭐ 6,730
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
most recent commit 2 days ago
Thc Hydra ⭐ 6,657
hydra
most recent commit 8 days ago
Red Teaming Toolkit ⭐ 6,647
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
most recent commit a day ago
Gobuster ⭐ 6,486
Directory/File, DNS and VHost busting tool written in Go
dependent packages 1total releases 3most recent commit a month ago
Crackmapexec ⭐ 6,476
A swiss army knife for pentesting networks
total releases 15most recent commit a day ago
Nishang ⭐ 6,269
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
most recent commit 6 months ago
Monkey ⭐ 5,946
Infection Monkey - An automated pentest tool
most recent commit 14 hours ago
Sn1per ⭐ 5,568
Attack Surface Management Platform | Sn1perSecurity LLC
most recent commit 18 days ago
Windows Kernel Exploits ⭐ 5,460
windows-kernel-exploits Windows平台提权漏洞集合
most recent commit a year ago
Hacktricks ⭐ 5,298
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
most recent commit 17 hours ago
Objection ⭐ 5,088
📱 objection - runtime mobile exploration
total releases 75most recent commit 3 months ago
Osintgram ⭐ 4,996
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
most recent commit a month ago
Commando Vm ⭐ 4,887
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
most recent commit a year ago
Beginner Network Pentesting ⭐ 4,850
Notes for Beginner Network Pentesting Course
most recent commit 15 days ago
Wstg ⭐ 4,841
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
most recent commit 5 days ago
Penetration_testing_poc ⭐ 4,728
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
most recent commit 2 days ago
K8tools ⭐ 4,727
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/ Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jbos
most recent commit 24 days ago
Rengine ⭐ 4,695
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
most recent commit a day ago
Hetty ⭐ 4,602
An HTTP toolkit for security research.
total releases 18most recent commit 3 months ago
Infosec_reference ⭐ 4,499
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
most recent commit a month ago
Ptf ⭐ 4,373
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
most recent commit 2 months ago
Yakit ⭐ 4,371
Cyber Security ALL-IN-ONE Platform
most recent commit 5 days ago
Airgeddon ⭐ 4,365
This is a multi-use bash script for Linux systems to audit wireless networks.
most recent commit 24 days ago
Awesome Web Hacking ⭐ 4,260
A list of web application security
most recent commit 8 days ago
Androguard ⭐ 4,089
Reverse engineering and pentesting for Android applications
dependent packages 14total releases 15most recent commit a month agopypi androguard} Downloads
Osmedeus ⭐ 4,015
A Workflow Engine for Offensive Security
most recent commit 19 days ago
Whatweb ⭐ 3,984
Next generation web scanner
most recent commit 2 months ago
Fuzzdicts ⭐ 3,981
Web Pentesting Fuzz 字典,一个就够了。
most recent commit 10 months ago
Linux Kernel Exploits ⭐ 3,903
linux-kernel-exploits Linux平台提权漏洞集合
most recent commit 2 years ago
Awesome Infosec ⭐ 3,896
A curated list of awesome infosec courses and training resources.
most recent commit 7 months ago
1earn ⭐ 3,768
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
most recent commit a month ago
Cve ⭐ 3,665
Gather and update all available and newest CVEs with their PoC.
most recent commit 16 hours ago
Hacking Security Ebooks ⭐ 3,626
Top 100 Hacking & Security E-Books (Free Download)
most recent commit 2 months ago
Cheatsheet God ⭐ 3,599
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
most recent commit 8 months ago
Mobileapp Pentest Cheatsheet ⭐ 3,525
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
most recent commit 8 days ago
Faraday ⭐ 3,515
Open Source Vulnerability Management Platform
dependent packages 1total releases 23most recent commit 2 days agopypi faradaysec} Downloads
Commix ⭐ 3,448
Automated All-in-One OS Command Injection Exploitation Tool.
most recent commit 25 days ago
Ladon ⭐ 3,436
Ladon modular hacking framework penetration scanner & Cobalt strike, Ladon 9.2.1 has 171 built-in modules, including information collection / surviving host / port scanning / service identification / password blasting / vulnerability detection / vulnerability utilization. Vulnerability detection includes ms17010 / smbghost / Weblogic / ActiveMQ / Tomcat / Struts2, password and password blasting (MySQL / Oracle / MSSQL) / ftp / SSH (Linux) / VNC / windows (IPC / WMI / SMB / NetBIOS / LDAP / smbha
most recent commit a month ago
Awesome Shodan Queries ⭐ 3,311
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
most recent commit 2 months ago
Feroxbuster ⭐ 3,226
A fast, simple, recursive content discovery tool written in Rust.
total releases 62most recent commit 2 days ago
Hack Tools ⭐ 3,212
The all-in-one Red Team extension for Web Pentester 🛠
most recent commit 5 months ago
Hakrawler ⭐ 3,168
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
total releases 11most recent commit a month ago
Reconftw ⭐ 3,162
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
most recent commit 15 hours ago
Arachni ⭐ 3,055
Web Application Security Scanner Framework
most recent commit 4 months ago
Cameradar ⭐ 3,047
Cameradar hacks its way into RTSP videosurveillance cameras
total releases 7most recent commit 3 days ago
Pacu ⭐ 3,036
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
most recent commit 3 days ago
Free Security Ebooks ⭐ 2,988
Free Security and Hacking eBooks
most recent commit 3 years ago
Patator ⭐ 2,975
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
total releases 3most recent commit 2 months ago
Defaultcreds Cheat Sheet ⭐ 2,954
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
most recent commit 5 days ago
Xunfeng ⭐ 2,946
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
most recent commit 2 years ago
Lscript ⭐ 2,921
The LAZY script will make your life easier, and of course faster.
most recent commit a year ago
Socialfish ⭐ 2,873
Phishing Tool & Information Collector
most recent commit 4 months ago
Drozer ⭐ 2,866
The Leading Security Assessment Framework for Android.
most recent commit 2 months ago
Allaboutbugbounty ⭐ 2,845
All about bug bounty (bypasses, payloads, and etc)
most recent commit 16 days ago
Discover ⭐ 2,804
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
most recent commit a day ago
Evil Winrm ⭐ 2,801
The ultimate WinRM shell for hacking/pentesting
total releases 18most recent commit 2 months ago
Learn Web Hacking ⭐ 2,801
Study Notes For Web Hacking / Web安全学习笔记
most recent commit a month ago
Active Directory Exploitation Cheat Sheet ⭐ 2,771
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
most recent commit 6 months ago
Pocsuite3 ⭐ 2,767
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
most recent commit 22 days ago
Pspy ⭐ 2,765
Monitor linux processes without root permissions
most recent commit 4 months ago
Red Team Infrastructure Wiki ⭐ 2,746
Wiki to collect Red Team infrastructure hardening resources
most recent commit 2 years ago
Kubernetes Goat ⭐ 2,728
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
most recent commit 17 hours ago
Redteaming Tactics And Techniques ⭐ 2,689
Red Teaming Tactics and Techniques
most recent commit 8 days ago
Payloads ⭐ 2,619
Git All the Payloads! A collection of web attack payloads.
most recent commit a year ago
Raccoon ⭐ 2,571
A high performance offensive security tool for reconnaissance and vulnerability scanning
dependent packages 1total releases 33most recent commit 9 days agopypi raccoon-scanner} Downloads
Java Deserialization Cheat Sheet ⭐ 2,567
The cheat sheet about Java Deserialization vulnerabilities
most recent commit 23 days ago
Linux Smart Enumeration ⭐ 2,444
Linux enumeration tool for pentesting and CTFs with verbosity levels
most recent commit 7 days ago
Vulscan ⭐ 2,429
Advanced vulnerability scanning with Nmap NSE
most recent commit 7 months ago
Winpwn ⭐ 2,416
Automation for internal Windows Penetrationtest / AD-Security
most recent commit a month ago
Pentest Wiki ⭐ 2,307
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
most recent commit 2 years ago
Vulmap ⭐ 2,266
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
most recent commit 6 months ago
Kscan ⭐ 2,222
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议
total releases 13most recent commit 18 hours ago
Awesome Hacking ⭐ 2,110
Awesome hacking is an awesome collection of hacking tools.
most recent commit 10 days ago
Burpsuite Collections ⭐ 2,098
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解 of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
most recent commit 11 days ago
Awesome Pentest Cheat Sheets ⭐ 2,095
Collection of the cheat sheets useful for pentesting
most recent commit 2 years ago
Awesome Nodejs Security ⭐ 2,005
Awesome Node.js Security resources
most recent commit 15 days ago
Archerysec ⭐ 1,989
Automate Your Application Security Orchestration And Correlation (ASOC) Using ArcherySec.
most recent commit 2 days ago
Nettacker ⭐ 1,983
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
most recent commit 17 hours ago
Black Hat Rust ⭐ 1,980
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
total releases 4most recent commit 7 days ago
Malicious Pdf ⭐ 1,824
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
most recent commit 20 days ago
Ssrf Testing ⭐ 1,812
SSRF (Server Side Request Forgery) testing resources
most recent commit 7 months ago
1-100 of 3,287 projects
Related Awesome Lists
Security Penetration Testing Projects (652)
Categories
Advertising 📦 8
All Projects
Application Programming Interfaces 📦 107
Applications 📦 174
Artificial Intelligence 📦 69
Blockchain 📦 66
Build Tools 📦 105
Cloud Computing 📦 68
Code Quality 📦 24
Collaboration 📦 27
Command Line Interface 📦 38
Community 📦 79
Companies 📦 60
Compilers 📦 59
Computer Science 📦 73
Configuration Management 📦 37
Content Management 📦 153
Control Flow 📦 187
Data Formats 📦 72
Data Processing 📦 249
Data Storage 📦 116
Economics 📦 56
Frameworks 📦 178
Games 📦 110
Graphics 📦 92
Hardware 📦 137
Integrated Development Environments 📦 43
Learning Resources 📦 139
Legal 📦 24
Libraries 📦 117
Lists Of Projects 📦 19
Machine Learning 📦 313
Mapping 📦 57
Marketing 📦 15
Mathematics 📦 54
Media 📦 214
Messaging 📦 96
Networking 📦 292
Operating Systems 📦 72
Operations 📦 114
Package Managers 📦 50
Programming Languages 📦 173
Runtime Environments 📦 90
Science 📦 42
Security 📦 342
Social Media 📦 23
Software Architecture 📦 65
Software Development 📦 60
Software Performance 📦 53
Software Quality 📦 116
Text Editors 📦 40
Text Processing 📦 118
User Interface 📦 291
User Interface Components 📦 440
Version Control 📦 26
Virtualization 📦 63
Web Browsers 📦 35
Web Servers 📦 23
Web User Interface 📦 167
Top Programming Languages
Javascript  (1,094,552)
Python  (840,926)
Java  (397,509)
Php  (290,361)
Typescript  (268,600)
C Plus Plus  (246,750)
Ruby  (222,778)
C  (186,685)
Shell  (176,042)
C Sharp  (170,124)
Golang  (164,291)
Swift  (66,887)
Rust  (62,136)
R  (59,790)
Objective C  (57,105)
Dart  (56,472)
Kotlin  (49,445)
Lua  (35,819)
Matlab  (31,853)
Perl  (30,656)
Language  (29,985)
Scala  (28,947)
Haskell  (20,643)
Powershell  (19,580)
Clojure  (19,296)
Bash  (18,890)
Coffeescript  (17,223)
Elixir  (16,965)
Assembly  (15,033)
Julia  (13,347)
Processing  (13,288)
Basic  (10,702)
Emacs Lisp  (10,581)
Flow  (10,541)
Erlang  (9,072)
Solidity  (9,017)
Groovy  (8,487)
Scheme  (8,421)
Ocaml  (6,809)
Pascal  (6,586)
Hack  (6,477)
Lisp  (6,346)
Fortran  (5,663)
Elm  (5,508)
Common Lisp  (5,391)
Dlang  (4,765)
Shell Script  (4,735)
Python Library  (4,474)
Crystal  (4,403)
Scripting  (4,221)
Top Projects
Freecodecamp ⭐ 354,898
996.icu ⭐ 264,123
Free Programming Books ⭐ 250,918
Coding Interview University ⭐ 235,345
Awesome ⭐ 221,638
Developer Roadmap ⭐ 213,931
Public Apis ⭐ 210,596
Vue ⭐ 199,807
System Design Primer ⭐ 198,956
React ⭐ 195,656
Tensorflow ⭐ 168,199
Build Your Own X ⭐ 167,003
Bootstrap ⭐ 159,837
You Dont Know Js ⭐ 159,180
Cs Notes ⭐ 157,200
Javascript Algorithms ⭐ 152,325
Ohmyzsh ⭐ 150,805
Python ⭐ 146,259
Flutter ⭐ 145,538
Awesome Python ⭐ 143,628
Linux ⭐ 139,154
Gitignore ⭐ 139,153
Vscode ⭐ 137,318
Javaguide ⭐ 127,697
Javascript ⭐ 127,656
Python 100 Days ⭐ 125,388
Computer Science ⭐ 124,972
Youtube Dl ⭐ 113,939
The Art Of Command Line ⭐ 111,100
Fucking Algorithm ⭐ 110,756
React Native ⭐ 105,174
Awesome Selfhosted ⭐ 105,082
Go ⭐ 104,396
Electron ⭐ 103,971
30 Seconds Of Code ⭐ 102,805
D3 ⭐ 101,796
Create React App ⭐ 97,252
Axios ⭐ 96,215
Free Programming Books Zh_cn ⭐ 94,901
Next.js ⭐ 93,503
Kubernetes ⭐ 92,616
Node ⭐ 90,764
Awesome Go ⭐ 89,034
Three.js ⭐ 85,848
Deno ⭐ 85,661
Terminal ⭐ 85,522
Typescript ⭐ 84,767
Angular ⭐ 84,159
Ant Design ⭐ 82,113
Material Ui ⭐ 81,776
Privacy | About | Terms | Follow Us On Twitter

Downloads, Dependent Repos, Dependent Packages, Total Releases, Latest Releases data powered by Libraries.io.

Copyright 2018-2022 Awesome Open Source.  All rights reserved.