Awesome Open Source

Programming Languages

Search results for pentest tool

417 search results found

Smtp User Enum ⭐ 74

SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.

Automated Pentest Tools Designed For Parrot Linux

Enumerate a target Based off of Nmap Results

Golang-based subdomain miner leveraging certificate transparency logs

uscan is an automated vulnerability scanner that streamlines the process of website hacking, making it faster and more efficient than ever before.

XSHOCK Shellshock Exploit

PENTOL - Pentester Toolkit for Fiddler2

Rfparty Xyz ⭐ 60

its like a tricorder, for your wireless world.

Linuxprivchecker ⭐ 58

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)

Wicrackfi ⭐ 56

Python Script to help/automate the WiFi hacking exercises.

A modular exploitation framework extensible with Lua

Three Eyedraven ⭐ 54

内网探测工具(Internal network detection tool that not contain any exploit code)

Autoredtools ⭐ 54

AutoRedTools是一款轻量级一站式自动下载/自动更新常用开源软件的工具，主要帮助安全从业者/ 装的时间，从而提升生产效率或工作效率。

Multi OTP Spam Amp/Paralell threads

Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)

Nmap Nse Info ⭐ 53

Browse and search through nmap's NSE scripts.

Offensive Docker Vps ⭐ 52

Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.

Ronin Vulns ⭐ 49

Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.

Simwigo is a cross-platform tool, written in Go, to simplify the deployment of a web service.

Kal El Network Stress Test and Penetration Testing Toolkit

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Credcheck ⭐ 47

Credentials Checking Framework

xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.

Owabrute ⭐ 46

Hydra wrapper for bruteforcing Microsoft Outlook Web Application.

EZEA (EaZy Enum Automator), made for OSCP. This tool uses bash to automate most of the enumeration proces

xTools，一个辅助小工具

H1 Search ⭐ 45

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

Aapfinder ⭐ 44

AAP Finder (Advanced Admin Page Finder) is a tool written in Python3 with advanced functionalities

Unauthorized ⭐ 44

常见的未授权漏洞检测

Httpuploadexfil ⭐ 42

A simple HTTP server for delivering and exfiltrating files/data during, for example, CTFs.

Ipwarden ⭐ 42

IPWarden（守望者）是一个IP资产风险巡查工具。持续发现系统、Web两个维度的资产和安全风险。

Brokensmtp ⭐ 41

Small python script to look for common vulnerabilities on SMTP server.

Exchange Penetration Testing ⭐ 41

The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)

Rddos_tool ⭐ 40

🔫 Red DDoS Tool is -THE BEST- tool for DDoS attacks.

Pb Af Xdp ⭐ 40

An application that utilizes fast AF_XDP Linux sockets to send network packets. Used for penetration testing including Denial of Service (DoS), and network monitoring.

[ Blazing Fast Web Fuzzer in Rust ]

🌒 Shell command obfuscation to avoid detection systems

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with default credentials.

Burpsuite Xkeys ⭐ 38

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Phisherprice ⭐ 38

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Uberscan ⭐ 37

Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.

Obsidiansailboat ⭐ 35

Nmap and NSE command line wrapper in the style of Metasploit

A command-line tool for Cross-Site WebSocket Hijacking

A Network Automation framework focused on Cyber-Security

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Flashroute ⭐ 32

🚀 Takes minutes to explore the topology of all routable /24 prefixes in IPv4 address space. Now supports IPv6 scan!

Tool to communicate with RPC services and check misconfigurations on NFS shares

Sniffcon Ultimate Recon Dashboard For Bug Bounty And Pentesting ⭐ 31

Sniffcon has a wide list of powerful online bug bounty tools which can be used to find security vulnerabilities.

Wp Mini Exploiter ⭐ 30

Mini Wordress Exploiter using CVE2020

Pentesting Mind Map ⭐ 30

Web Hacking and Red Teaming MindMap

Yet Another PHP Shell - The most complete PHP reverse shell

Wifibang ⭐ 29

wifi attacks suite

Cloudfish ⭐ 29

Subdomain enumeration using Cloudflare's scanning tool.

ITWSV- Integrated Tool for Web Security Vulnerability

Hydrarecon ⭐ 28

All In One, Fast, Easy Recon Tool

Webshell Manager Tool/一句話木馬管理工具/Trojan/Backdoor/Pentest

A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks!

Pathprober ⭐ 26

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once

Crawleet ⭐ 25

Web Recon & Exploitation Tool.

Ftpknocker ⭐ 25

🔑 ftpknocker is a multi-threaded scanner for finding anonymous FTP servers

Certcrunchy ⭐ 25

Just a silly recon tool that uses data from SSL Certificates to find potential host names

Pollenisator ⭐ 25

Collaborative pentest tool with highly customizable tools

Ortester ⭐ 24

Open Redirect scanner - (out of date)

Scan for subdomains using bruteforcing techniques

Packet Sequence ⭐ 24

A pen-test/DoS tool that can be used to send single or multiple packets in sequences with a lot of packet customization.

Toolpacks ⭐ 24

Statically Linked Binaries for Android (arm64-v8a), Linux (aarch64_arm64 | amd_x86-64) all in one place

Wordlist Generator ⭐ 24

Generate customised wordlist for penetration testing practice (e.g. brute force attack, dictionary attack, etc.)

🌮 INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)

Responder Parser ⭐ 23

Most Responder's configuration power in your hand

Pyparser Cve ⭐ 23

Multi source CVE/exploit parser.

Python Remote Access Tool

Pentest Tool Lite ⭐ 23

Test your page against basic security, html, wordpress, ... check lists

Spraycannon ⭐ 22

Fast multithreaded multiplatform password spraying tool designed for easy use. Supports webhooks, jitter, delay, files, rotation, backend database

Transportc2 ⭐ 22

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

Substack ⭐ 22

Sub-domains enumeration framework

Ooze is a tool to use at pentest with Social engineering. - beta

Awesome Hacking Tools ⭐ 21

收集网上好用、实用的红蓝对抗武器。从资产扫描、泄漏扫描、信息收集、漏洞扫描、SRC批量挖掘、内网渗透大部分我都用过、部分会写上自己的感想与建议，希望对你有帮助

A simple script to turn an Android device/emulator into a test-ready box.

Swamp Rat ⭐ 21

A Linux RAT in C

Bifrost C2. Open-source post-exploitation using Discord API

Rawsec_cli ⭐ 21

Rawsec's Cybersecurity Inventory cli. Search pentesting tools, resources, ctf, os.

Obtain a clean-cut architecture at the launch of a mission and run some tests ( subdomain search, fuzzing, make screenshots on a given perimeter )

🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks

Tokenplayer ⭐ 20

Manipulating and Abusing Windows Access Tokens.

Tools for bug hunting in a container

Webshells ⭐ 20

webshells written with malice

Androsectest ⭐ 20

From this app, Connect a Phone, Extract any app from It, Decompile, Deobfuscate, Remove Certificate Pinning and Repackage it. Meanwhile, Perform some Static and Dynamic Analysis on It.

Unauthorized_com ⭐ 19

未授权检测的命令行版，支持批量检测

Revshfuzz ⭐ 18

A tool for fuzzing for ports that allow outgoing connections

🐚 A proof-of-concept reverse-shell written in rust.

A script to build either Blackarch, Kali linux or ParrotOS Docker container which has the ability to provide desktop environment access either via X2Go or VNC

A tool for Oragnized ASM (Attack Surface Mapper). Subdomains enumeration, IPs scans, Vulnerability assesment...

S3 Buckets Aio Pwn ⭐ 18

An AIO Tool to check for Vulnerable Amazon S3 Buckets as part of Bug Bounty, the uniqueness of this tool is that it can take a file full of buckets, and check all of them with various attack scenarios if they are vulnerable

Smart Url Fuzzer ⭐ 18

Explore URLs of domains fast and efficiently using fuzzing techniques

a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust

Maliketh ⭐ 17

🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python

Dirrunner ⭐ 17

Enumeration & fingerprint tool

Python For Ethical Hacking ⭐ 17

Build tools for hacking ethically using python.

Ethical Hacking Tools ⭐ 17

List of various ethical hacking tools

Related Searches

Penetration Testing Pentest Tool (327)

201-300 of 417 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.