Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for pentesting tools
pentesting-tools
x
198 search results found
Subcert
⭐
45
Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Scanman
⭐
42
ScanMan is the amalgamation of Masscan, Metasploit Framework (MSF) and Nmap Scripting Engine (NSE).
Tropx
⭐
40
The swiss army knife for cybersecurity enthusiasts. All needed scripts and tools integrated into one portable and customizable CLI.
Omnispray
⭐
40
Modular Enumeration and Password Spraying Framework
Gopher
⭐
40
C# tool to discover low hanging fruits
Rbust
⭐
39
[ Blazing Fast Web Fuzzer in Rust ]
Hackarsenaltoolkit
⭐
39
Hacking arsenal. This script download the latest tools, wordlists, releases and install common hacking tools
Termux X
⭐
39
it is unofficial repository maintained by me @hax4us. you can check available packages in README
Phisherprice
⭐
38
All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Yggdrasil
⭐
36
Automation script to download tools and configurate kali linux for various cybersecurity categories
Wpa2 Enterprise Attack
⭐
36
Virtual machines and scripts to attack WPA2-Enterprise networks through Rogue Access Points downgrading the authentication method to GTC
Constole
⭐
35
Scan for and exploit Consul agents
Condi Boatnet
⭐
35
Condi Boatnet Ver 1 (old killer)
Reddrop
⭐
34
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
Hande Stealer
⭐
34
Powerful Discord Stealer written in python
Omnisci3nt
⭐
34
Unveiling the Hidden Layers of the Web – A Comprehensive Web Reconnaissance Tool
Badusb Gpt
⭐
33
This repo houses Rubber Ducky scripts integrated with OpenAI's GPT. Designed for ethical hackers and researchers, it merges quick Ducky executions with GPT's intelligence. Always use responsibly and with proper permissions.
Adbnet
⭐
32
A tool that allows you to search for vulnerable android devices across the world and exploit them.
Mgwls
⭐
31
Combine words from two wordlist files and concatenate them with an optional delimiter
Task Ninja
⭐
31
Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!
Sharpleftovers
⭐
30
A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup
Catspin
⭐
29
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
Ipwn
⭐
28
A Framework meant for the exploitation of iOS devices.
Alien
⭐
27
Webshell Manager Tool/一句話木馬管理工具/Trojan/Backdoor/Pentest
Raymond
⭐
25
Rayomd is a gathering information Framework for pentesters and bug bounty hunters
Packet Sequence
⭐
24
A pen-test/DoS tool that can be used to send single or multiple packets in sequences with a lot of packet customization.
Responder Parser
⭐
23
Most Responder's configuration power in your hand
Probe
⭐
22
Probe: This is a special tool for bug hunter for automated recon process smoothly.
Wolverineframework Discontinued
⭐
22
WolverineFramework - Free, OpenSource and easy to use Cybersecurity Framework.
Spraycannon
⭐
22
Fast multithreaded multiplatform password spraying tool designed for easy use. Supports webhooks, jitter, delay, files, rotation, backend database
Hackbar
⭐
21
HackBar is a security audit tool that will enable you to pentest websites more easily. ... You can use it to check site security by performing SQL injections, XSS holes and more. It also has a user-friendly interface that makes it easy for you to do fuzz testing, hash generation, encoding and more.
Arsenal
⭐
20
Tools for bug hunting in a container
Crowbar
⭐
19
A windows post exploitation tool that contains a lot of features for information gathering and more.
Python For Ethical Hacking
⭐
17
Build tools for hacking ethically using python.
Pentdocks
⭐
17
web application pentesting tools for docker
Blestsploit
⭐
16
BlestSploit Framework, exploitation framework for Ethical Hackers and CyberSecurity Experts & Pentesters
Mailripv3
⭐
16
SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Memdlopen
⭐
16
dlopen() filelessly a shared object or even a program (and run it).
Badmoodle
⭐
15
Moodle community-based vulnerability scanner
Androset
⭐
15
Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite.
Simple_https_server
⭐
14
It's a quick HTTPS server.
Jasmin Ransomware
⭐
14
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Socketpie_dostool
⭐
14
DOS TOOL WITH PYTHON LAYER7 :) (HTTP FLOOD)
Preparation Guide To Oscp
⭐
14
Journey to Try Harder !!!
Xss_bomb
⭐
14
A cross site scripting command and control notification server
Searcher
⭐
13
Run a base query (plus optional add-ons) through ask, bing, brave, duck duck go, yahoo, and yandex.
Dirbruter
⭐
13
DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.
Paraforge
⭐
13
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
Waybackrobots
⭐
13
Returns disallowed paths from robots.txt found on your target domain and snapshotted by the Wayback Machine
Mavoc
⭐
12
Mavoc is an Automated c2 Windows and Linux Pentesting Tool used to generate reverse shell and deploy attacking scripts to host machines and can maintain multiple reverse connections .
Useragent Fuzz Lib
⭐
12
User-agent Fuzzing Library. This repository holds data of all the user agents in the `user_agents.json` file, which can be used directly with any tool that can parse json format.
Pmr
⭐
11
PMR - PT & VA Management & Reporting is a collaboration platform for pen-testing. PMR Platform is maintained by @SabrySecurity https://sabry.sa
Pencoder
⭐
11
🔁 Yet another powerful payload encoder/decoder
Gosublister
⭐
11
A uber fast subdomain enumerator for web URLs using the power of Goroutines.
Kali Dockerized
⭐
11
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
Thy_god_docker
⭐
11
Personal Docker Image with Pentest tools and zsh plugins, inspired by Nutek-Terminal and runs on a base Kali Image.
Pentesting
⭐
11
Cyber Security
Awsrecon
⭐
11
Tool for reconnaissance of AWS cloud environments
Keylogger
⭐
11
A Keylogger made in Python that sends you the collected data via email.
Autorpt
⭐
10
The easy way to create a working directory with standard report template files for common security scenarios: penetration testing, CTF, training, and certification exams. Automatically convert markdown into a polished final report.
Codeargos
⭐
10
A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.
Mobsecco
⭐
10
Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins
Multitool
⭐
10
Simple Penetration Testing Multitool For Beginners.
Autoreverse
⭐
9
This tool configure malicious payloads such as .exe, .dll, php and ps1 files.
Ethical Hacking
⭐
9
Codes for malware, viruses and key-logger and other tools
Khata
⭐
9
WebHook for Red Team
Entity
⭐
8
Python tool for Wifi hacking
Digit
⭐
8
Extract endpoints from specific Git repository for fuzzing
Pluto
⭐
8
一款集成了几十G工具的透测试系统-冥王星
Hacking With Kali Cheatsheets
⭐
8
This repository is all about text files containing the way /steps to penetrate a system . it includes network pentesting ,web pentesting , network sniffing ,network cracking ,brute forcing and MITM attacks docs for http connection only .
Godigdomain
⭐
7
用Go语言编写的域名爆破工具
X_insta
⭐
7
X_INSTA Powerful INSTAGRAM Password Brute Force Tool For Windows
Mailripv1
⭐
7
A SMTP Checker / SMTP Cracker with SOCKS support and e-mail delivery test (inbox check) for mailpass combolists.
Advanced Penetration Testing Script
⭐
7
The script is an advanced Python-based tool that can be used to test a website for various vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF) and insecure file upload.
Subdo
⭐
7
Subdo is a Pentesting/OSINT software that automates the enumeration, verification and analysis of subdomains, using public registries such as Shodan or crt.sh.
Reverseshell Rce
⭐
7
Remote code execution. Establish remote shell session.
Bruttrack
⭐
6
A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques ! I ❤️ pull requests :)
Penttools
⭐
6
bash script for bug bounty tool installation
Memexec
⭐
6
A daemonized DDexec.
Wardriving
⭐
6
Python Wardriving
Rabbitmq Pentesting
⭐
6
RabbitMQ exploit and Pentesting guide for penetration tester
Pydir
⭐
6
a very simple script inspired in gobuster and dirbuster writed in python
Suidpwn
⭐
6
Speeding up identifying which binaries with a SUID flag may lead to root access
Delebetor
⭐
6
Installs and adjusts Pentest tools.
Redblock
⭐
6
RedBlock is an Nginx module designed for offensive security operations and red teaming. This module empowers security professionals to easily block all IPs associated with hosting and cloud infrastructure, as well as known sandbox environments.
Security Bugtracker
⭐
5
Run security test tools and track bugs easily
Evillyn
⭐
5
An EvilTwin wrapper with quality of life enhancements.
Nativepayload_dcp
⭐
5
Compiling Csharp in-memory and Execute to bypass AVs
Bee
⭐
5
Bee Recon Framework
Fishshell
⭐
5
FIshShell is a multi-session handler and Windows & Linux backdoor payload generator. It allows users\targets to connect to the server (other machines running the multi-handler) after which the server admin/attacker can join sessions and also get a non-interactive reverse shell.
Webpwn
⭐
5
Cracking the Lenses of Perimeter Penetrationtests
Nwpentestutils
⭐
5
Scripts for Network Pentesting
Pecoret
⭐
5
A Pentest Collaboration and Reporting Tool
Notestocommands
⭐
5
NotesToCommands is a powerful command template experience, allowing users to instantly execute terminal commands, with varying arguments, grouped into sections in a note or file. It was originally created for pentesting uses, to avoid the needed remembrance and retyping of sets of commands for various attacks.
Autoenum
⭐
5
An enumeration tool for post exploitation that you can use to gather information about your target machine and its network.
Powerwoof
⭐
5
A collection of handy C#, Powershell and C++ POCs, concepts and examples to aid in pentesting.
Tooltime
⭐
5
A Python3 script that quickly downloads and or installs Pentesting tools from a config file.
Burp Security Headers Checker
⭐
5
Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses
101-198 of 198 search results
< Previous
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.