Awesome Open Source
Search results for hackers penetration testing
1,003 search results found
A collection of various awesome lists for hackers, pentesters and security researchers
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), artificial intelligence, vulnerability research, exploit development, reverse engineering, and more.
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Awesome Hacking Resources
A collection of hacking / penetration testing resources to make you better!
A collection of hacking tools, resources and references to practice ethical hacking.
🤖 The Modern Port Scanner 🤖
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Web path scanner
Resources For Beginner Bug Bounty Hunters
A list of resources for those interested in getting started in bug bounties
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Red Teaming Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Attack Surface Management Platform
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Cyber Security ALL-IN-ONE Platform
This is a multi-use bash script for Linux systems to audit wireless networks.
Gather and update all available and newest CVEs with their PoC.
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/ Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jbos
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
The all-in-one Red Team extension for Web Pentester 🛠
Awesome Web Hacking
A list of web application security
All about bug bounty (bypasses, payloads, and etc)
Next generation web scanner
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A Workflow Engine for Offensive Security
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Hacking Security Ebooks
Top 100 Hacking & Security E-Books (Free Download)
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Tools and Techniques for Red Team / Penetration Testing
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Free Security Ebooks
Free Security and Hacking eBooks
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
The ultimate WinRM shell for hacking/pentesting
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
Cameradar hacks its way into RTSP videosurveillance cameras
Learn Web Hacking
Study Notes For Web Hacking / Web安全学习笔记
Web Application Security Scanner Framework
Awesome Shodan Queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Git All the Payloads! A collection of web attack payloads.
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
An automated e-mail OSINT tool
Linux Smart Enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
OSINT automation for hackers.
A collection of custom security tools for quick needs.
A high performance offensive security tool for reconnaissance and vulnerability scanning
Awesome hacking is an awesome collection of hacking tools.
Awesome Mobile Security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Automated NoSQL database enumeration and web application exploitation tool.
Black Hat Rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
Grab cam shots from target's phone front camera or PC webcam just sending a link.
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
A Curated list of IoT Security Resources
Arsenal is just a quick inventory and launcher for hacking programs
Penetration Testing Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
Awesome Ethical Hacking Resources
🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.
EMBA - The firmware security analyzer
Rockyou for web fuzzing
Know the dangers of credential reuse attacks.
A simple keylogger for Windows, Linux and Mac
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
All-in-One Hacking Tools For Hackers! And more hacking tools! For termux.
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Tools for Pentesting
Notes about attacking Jenkins servers
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
📡 A python program to create a fake AP and sniff data.
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Web Fuzzing Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads，主要包含：弱口令暴力破解、目录以及文件枚举、Web漏洞...字典
Hack the World using Termux
🔪 Leak git repositories from misconfigured websites
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Collection of quality safety articles. Awesome articles.
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Pop shells like a master.
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Find exploits in local and online databases instantly
SSH man-in-the-middle tool
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
jSQL Injection is a Java application for automatic SQL database injection.
Drone pentesting framework console
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Fully featured and community-driven hacking environment
Automated Red Team Infrastructure deployement using Docker
Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Attack surface mapping
Python Penetration Testing (1,296)
1-100 of 1,003 search results
Follow Us On Twitter
Copyright 2018-2023 Awesome Open Source. All rights reserved.