Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for penetration testing offensive security
offensive-security
x
penetration-testing
x
59 search results found
Redteaming Tactics And Techniques
⭐
3,965
Red Teaming Tactics and Techniques
Villain
⭐
3,376
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
Raccoon
⭐
2,928
A high performance offensive security tool for reconnaissance and vulnerability scanning
Nosqlmap
⭐
2,765
Automated NoSQL database enumeration and web application exploitation tool.
Black Hat Rust
⭐
2,662
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
Oscp
⭐
2,235
OSCP Cheat Sheet
Reconnoitre
⭐
2,053
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Awesome Cybersecurity Handbooks
⭐
1,980
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
Ligolo Ng
⭐
1,950
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Rapidscan
⭐
1,489
🆕 The Multi-Tool Web Vulnerability Scanner.
Chimera
⭐
1,192
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Vhostscan
⭐
1,161
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Oscp Tricks 2023
⭐
769
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
Blackmamba
⭐
688
C2/post-exploitation framework
Oscp Human Guide
⭐
582
My own OSCP guide
Penetration Testing Cheat Sheet
⭐
540
Work in progress...
Vault
⭐
504
swiss army knife for hackers
Bigbountyrecon
⭐
471
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Offsec Reporting
⭐
459
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
Flask Session Cookie Manager
⭐
429
🍪 Flask Session Cookie Decoder/Encoder
Vanquish
⭐
422
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Gtfonow
⭐
414
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Php Reverse Shell
⭐
363
PHP shells that work on Linux OS, macOS, and Windows OS.
Android Penetration Testing Cheat Sheet
⭐
304
Work in progress...
East
⭐
293
Exploits and Security Tools Framework 2.0.1
Agartha
⭐
292
a burp extension creates dynamic payloads to reveal injection flaws(LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copys Http requests as JavaScript code.
Invoker
⭐
292
Penetration testing utility and antivirus assessment tool.
Wifi Penetration Testing Cheat Sheet
⭐
277
Work in progress...
Wifi Pentesting Guide
⭐
269
WiFi Penetration Testing Guide
Powershell Reverse Tcp
⭐
263
PowerShell scripts for communicating with a remote host.
Credphish
⭐
262
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
Ios Penetration Testing Cheat Sheet
⭐
241
Work in progress...
Hawk
⭐
227
Network, recon and offensive-security tool for Linux.
Nativepayloads
⭐
219
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
Hades
⭐
198
Go shellcode loader that combines multiple evasion techniques
Handbook
⭐
196
A living document for penetration testing and offensive security.
Conti Pentester Guide Leak
⭐
191
Leaked pentesting manuals given to Conti ransomware crooks
Offsec Tools
⭐
181
Compiled tools for internal assessments
Invoke Apex
⭐
175
A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Black Widow
⭐
168
GUI based offensive penetration testing tool (Open Source)
Pyphisher
⭐
154
Python tool for phishing
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Nix Security Box
⭐
147
Tool set for Information security professionals and all others
Wwwtree
⭐
146
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
Red Team Playbooks
⭐
123
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
Cve 2021 21315 Poc
⭐
121
CVE 2021-21315 PoC
Dfshell
⭐
115
D3Ext's Forward Shell
Pathwar
⭐
102
☠️ The Pathwar Project ☠️
Oscp
⭐
100
My OSCP journey
Arsenal
⭐
96
Offensive security tools weaponized
Spellbook
⭐
96
Framework for rapid development of offensive security tools
Terminatorz
⭐
95
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
Punk.py
⭐
94
unix SSH post-exploitation 1337 tool
Secfiles
⭐
94
My files for security assessments, bug bounty and other security related stuff
Superlibrary
⭐
94
Information Security Library
Docker_offensive_elk
⭐
90
Elasticsearch for Offensive Security
Pentest Everything
⭐
81
This is a penetration testing cheatsheet I created to get my OSCP certification.
Suass
⭐
75
one-stop resource for all things offensive security.
Httpworker
⭐
74
A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educational use only.
Uscan
⭐
69
uscan is an automated vulnerability scanner that streamlines the process of website hacking, making it faster and more efficient than ever before.
Phaser
⭐
53
Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)
Sqli Postgres Rce Privesc Hacking Playground
⭐
52
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
Dnsexplorer
⭐
46
Bash script that automates the enumeration of domain, subdomains & web servers in the active information gathering.
Oscp A Step Forward
⭐
46
Opening the door, one reverse shell at a time
Hackthebox Reporting
⭐
41
Hack The Box CPTS, CBBH Exam and Lab Reporting / Note-Taking Tool
Pentesting Resources
⭐
37
Resources, repos and scripts for pentesters and bug bounty.
Posts
⭐
34
Posts about different topics
C2pe
⭐
34
C2 and Post Exploitation Code
Java Reverse Tcp
⭐
34
JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
Wpgen
⭐
27
Generator Malicious Plugins WordPress
W4af
⭐
23
w4af: web advanced application attack and audit framework, the open source web vulnerability scanner.
Pwnkit Exploit
⭐
22
Proof of Concept (PoC) CVE-2021-4034
Dns Exfiltrator
⭐
19
Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.
Secure Website
⭐
19
Secure website with a registration, sign in, session management, and CRUD controls.
Chad
⭐
17
Search Google Dorks like Chad. / Social media takeover tool.
Oswa
⭐
17
A collection of useful commands, scripts and resources for the OSWA (WEB-200) exam of Offensive Security
Ttps
⭐
17
Tactics, Techniques, and Procedures
Webhacking
⭐
16
This repo contain Myanmar Pentster Community web-hacking class resources and published with education purpose.
Param Ninja
⭐
16
An automated penetration testing tool , that automates web vulnerabilities testing upon a given URL with an endpoint parameter
Hego Wiki
⭐
12
HEGO Hunting Wiki | Offensive Cybersecurity Checklist
Rti Toolkit
⭐
12
Remote Template Injection Toolkit
Oscp_repo
⭐
11
Repository for OSCP certification
Pointer
⭐
11
Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.
Hack_hard
⭐
10
A nostalgic journey back to the era of retro RPGs with a cyber twist in the theme of Die Hard
C2 Cloud
⭐
10
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.
Pydorker
⭐
10
Python tool for Dorking
Godork
⭐
10
This is a Python based GUI(Graphical User Interface) application for Google Dorking. Easy and convinient tool
Codeargos
⭐
10
A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.
Wordlist Extender
⭐
9
Extend wordlist by appending digits and special characters to each word.
Khata
⭐
9
WebHook for Red Team
Goblyn
⭐
9
Goblyn is a Python tool focused to enumeration and capture of website files metadata.
Ssti Flask Hacking Playground
⭐
7
App with Server Side Template Injection (SSTI) vulnerability - in Flask. For web penetration testing / ethical hacking. Possible RCE :)
File Shredder
⭐
7
PowerShell script for shredding files.
Masapt
⭐
7
Multi-Agent System for Automated Penetration Testing (MASAPT)
Dnsrecon Chunked
⭐
6
Brute force subdomains in multiple smaller iterations. Based on DNSRecon.
Buffer Overflow
⭐
6
These are the scripts & methodologies that can be used in Buffer Over Flow Fuzzing and Exploitation
Amounts
⭐
6
Generate a wordlist to fuzz amounts or any other numerical values.
Nagooglesearch
⭐
5
Not another Google searching tool.
Overwhelm
⭐
5
Overwhelm's Vanquish is a Kali Linux based Enumeration Orchestrator built in Python running inside a docker container. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged for a remote shell
Zero To Oscp
⭐
5
A quick guide to help total beginners find a path to becoming a penetration tester.
Related Searches
Python Penetration Testing (1,380)
Security Penetration Testing (767)
Scanner Penetration Testing (373)
Penetration Testing Red Team (373)
Penetration Testing Hacking Tool (334)
Penetration Testing Pentest Tool (331)
Penetration Testing Information Security (284)
Vulnerabilities Penetration Testing (227)
Penetration Testing Cybersecurity (212)
Golang Penetration Testing (208)
1-59 of 59 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.