Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for golang penetration testing
golang
x
penetration-testing
x
24 search results found
Ffuf
⭐
10,658
Fast web fuzzer written in Go
Gobuster
⭐
8,960
Directory/File, DNS and VHost busting tool written in Go
Yakit
⭐
5,790
Cyber Security ALL-IN-ONE Platform
Hetty
⭐
5,132
An HTTP toolkit for security research.
Osmedeus
⭐
5,076
A Workflow Engine for Offensive Security
Pspy
⭐
4,505
Monitor linux processes without root permissions
Hakrawler
⭐
4,120
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Mosint
⭐
3,643
An automated e-mail OSINT tool
Kscan
⭐
3,061
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议
Afrog
⭐
2,451
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Stowaway
⭐
2,195
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Ligolo Ng
⭐
1,950
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Venom
⭐
1,911
Venom - A Multi-hop Proxy for Penetration Testers
Subjack
⭐
1,665
Subdomain Takeover tool written in Go
Ruler
⭐
1,485
A tool to abuse Exchange services
Gitjacker
⭐
1,466
🔪 :octocat: Leak git repositories from misconfigured websites
Ksubdomain
⭐
1,457
无状态子域名爆破工具
Platypus
⭐
1,372
🔨 A modern multiple reverse shell sessions manager written in go
Sx
⭐
1,357
🖖 Fast, modern, easy-to-use network scanner
Cariddi
⭐
1,228
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Metabigor
⭐
1,087
OSINT tools and more but without API ke
Broxy
⭐
932
An HTTP/HTTPS intercept proxy written in Go.
Nmap
⭐
839
Idiomatic nmap library for go developers
Gorsair
⭐
829
Gorsair gives root access on remote docker containers that expose their APIs
Webanalyze
⭐
776
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Pretender
⭐
766
Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
Reverse_ssh
⭐
758
SSH based reverse shell
Web Cache Vulnerability Scanner
⭐
756
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Cent
⭐
724
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Goscan
⭐
709
Interactive Network Scanner
Dontgo403
⭐
703
Tool to bypass 40X response codes.
Garud
⭐
694
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Scilla
⭐
682
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Reverse Ssh
⭐
672
Statically-linked ssh server with reverse shell functionality for CTFs and such
Chashell
⭐
599
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Apkhunt
⭐
580
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Gosint
⭐
567
OSINT Swiss Army Knife
Xurlfind3r
⭐
485
A command-line interface (CLI) based passive URLs discovery utility. It is designed to efficiently identify known URLs of given domains by tapping into a multitude of curated online passive sources.
Slackor
⭐
452
A Golang implant that uses Slack as a command and control server
Github Subdomains
⭐
426
Find subdomains on GitHub.
Scout
⭐
424
🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs
Dirdar
⭐
399
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
Supernova
⭐
389
Real fucking shellcode encryption tool
Bounceback
⭐
382
↕️🤫 Stealth redirector for your red team operation security
Getjs
⭐
373
A tool to fastly get all javascript sources/files
Hershell
⭐
367
Hershell is a simple TCP reverse shell written in Go.
Firefly
⭐
352
Black box fuzzer for web applications
Girsh
⭐
320
Automatically spawn a reverse shell fully interactive for Linux or Windows victim
Dirstalk
⭐
319
Modern alternative to dirbuster/dirb
Kdigger
⭐
308
Kubernetes focused container assessment and context discovery tool for penetration testing
Blueshell
⭐
306
红蓝对抗跨平台远控工具
Rescope
⭐
298
A scope generation tool for Burp Suite & ZAP
Second Order
⭐
295
Second-order subdomain takeover scanner
Iox
⭐
283
Tool for port forwarding & intranet proxy
Knary
⭐
282
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
Geacon_plus
⭐
268
CobaltStrike beacon written in golang
Goca
⭐
265
Goca Scanner
Jsubfinder
⭐
257
jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
Bucketloot
⭐
252
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
Phoenixc2
⭐
247
Command & Control-Framework created for collaboration in python3
Cut Cdn
⭐
243
✂️ Removing CDN IPs from the list of IP addresses
Maldev
⭐
235
Golang library for malware development
Dnsmorph
⭐
235
Domain name permutation engine written in Go
Nacs
⭐
230
事件驱动的渗透测试扫描器 Event-driven pentest scanner
Covermyass
⭐
227
Post-exploitation tool to cover your tracks on a compromised machine
Golinkfinder
⭐
217
A fast and minimal JS endpoint extractor
Mksub
⭐
204
Generate tens of thousands of subdomain combinations in a matter of seconds
Hades
⭐
198
Go shellcode loader that combines multiple evasion techniques
Wraith
⭐
195
[WIP] A free and open-source, modular Remote Administration Tool (RAT) / Payload Dropper written in Go(lang) with a flexible command and control (C2) system.
Swego
⭐
186
Swiss army knife Webserver in Golang. Keep simple like the python SimpleHTTPServer but with many features
Asnip
⭐
184
ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Hawkeye
⭐
179
Hawkeye filesystem analysis tool
Xena
⭐
175
XENA is the managed remote administration platform for botnet creation & development powered by blockchain and machine learning. Aiming to provide an ecosystem which serves the bot herders. Favoring secrecy and resiliency over performance. It's micro-service oriented allowing for specialization and lower footprint. Join the community of the ultimate Botnet kit.
Dsieve
⭐
168
Filter and enrich a list of subdomains by level
Nmap Formatter
⭐
165
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
Hooka
⭐
163
Evasive shellcode loader, hooks detector and more
Fileless Xec
⭐
160
Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)
Mkpath
⭐
154
Make URL path combinations using a wordlist
Kittystager
⭐
153
KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this project is to be able to have a web server and some kitten and be able to use the with any shellcode.
Red Rabbit
⭐
153
The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Knockknock
⭐
147
A simple reverse whois lookup tool which returns a list of domains owned by people or companies
Apkurlgrep
⭐
146
Extract endpoints from APK files
Tuktuk
⭐
144
Tool for catching and logging different types of requests.
Github Endpoints
⭐
141
Find endpoints on GitHub.
Edge
⭐
131
Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
Airmaster
⭐
131
Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
Golazagne
⭐
128
Go library for credentials recovery
Print My Shell
⭐
124
Python script wrote to automate the process of generating various reverse shells.
Go4hacker
⭐
123
Automated penetration and auxiliary systems, providing XSS, XXE, DNS log, SSRF, RCE, web netcat and other Servers,gin-vue-admin,online https://51pwn.com
Nray
⭐
118
nray distributed port scanner
Find Gh Poc
⭐
117
Find CVE PoCs on GitHub
Notionterm
⭐
108
🖥️📖 Embed reverse shell in Notion pages
Pathwar
⭐
102
☠️ The Pathwar Project ☠️
Chronos
⭐
98
Extract pieces of info from a web page's Wayback Machine history
Fallparams
⭐
97
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Go Deliver
⭐
97
Go-deliver is a payload delivery tool coded in Go.
Arsenal
⭐
96
Offensive security tools weaponized
Xsubfind3r
⭐
92
A command-line interface (CLI) based passive subdomain discovery utility. It is designed to efficiently identify known subdomains of given domains by tapping into a multitude of curated online passive sources.
Turbo Attack
⭐
87
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.
Related Searches
Golang Command Line (8,308)
Golang Docker (7,769)
Golang Http (4,290)
Golang Server (4,285)
Javascript Golang (3,372)
Golang Database (2,927)
Golang Json (2,652)
Golang Proxy (2,577)
Golang Grpc (2,432)
Python Golang (2,332)
1-24 of 24 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.