Awesome Open Source

Programming Languages

Search results for vulnerabilities penetration testing

penetration-testing x

vulnerabilities x

28 search results found

Payloadsallthethings ⭐ 57,656

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Reconftw ⭐ 5,890

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Gather and update all available and newest CVEs with their PoC.

Awesome Web Hacking ⭐ 5,260

A list of web application security

Allaboutbugbounty ⭐ 4,793

All about bug bounty (bypasses, payloads, and etc)

Faraday ⭐ 4,422

Open Source Vulnerability Management Platform

Pocsuite3 ⭐ 3,412

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Awesome Redteam ⭐ 3,079

一个攻防知识仓库

Vulscan ⭐ 2,983

Advanced vulnerability scanning with Nmap NSE

Vulmap ⭐ 2,935

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Awesome Hacking ⭐ 2,716

Awesome hacking is an awesome collection of hacking tools.

Awesome Nodejs Security ⭐ 2,515

Awesome Node.js Security resources

Pentest Guide ⭐ 2,415

Penetration tests guide based on OWASP including test cases, resources and examples.

Ssrfmap ⭐ 2,306

Automatic SSRF fuzzer and exploitation tool

Archerysec ⭐ 2,162

Automate Your Application Security Orchestration And Correlation (ASOC) Using ArcherySec.

Trackray ⭐ 1,922

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWV

Vulnx ⭐ 1,898

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

Pwndoc ⭐ 1,827

Pentest Report Generator

Fuxploider ⭐ 1,702

File upload vulnerability scanner and exploitation tool.

Metlo ⭐ 1,537

Metlo is an open-source API security platform.

Rapidscan ⭐ 1,489

🆕 The Multi-Tool Web Vulnerability Scanner.

Damn Vulnerable Graphql Application ⭐ 1,387

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Penetration Testing Platform

V3n0m Scanner ⭐ 1,342

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

A Red Teamer Diaries ⭐ 1,294

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Mutillidae ⭐ 1,113

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

Security ⭐ 830

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

Pentesttools ⭐ 816

Awesome Pentest Tools Collection

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Awesome Vulnerable ⭐ 789

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Scant3r ⭐ 657

ScanT3r - Module based Bug Bounty Automation Tool

Jackhammer ⭐ 599

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Vehicle Security Toolkit ⭐ 577

汽车/安卓/固件/代码安全测试工具集

Solr Injection ⭐ 567

Apache Solr Injection Research

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

All in One Recon Tool for Bug Bounty

Envizon ⭐ 519

network visualization & pentest reporting

Findom Xss ⭐ 487

A fast DOM based XSS vulnerability scanner with simplicity.

Bug Bounty Methodology ⭐ 438

These are my checklists which I use during my hunting.

Burp Suite Certified Practitioner Exam Study ⭐ 419

Burp Suite Certified Practitioner Exam Study

Reconmap ⭐ 368

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Vulnrepo ⭐ 364

VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!

Reconscan ⭐ 324

Network reconnaissance and vulnerability assessment tools.

Quillaudit_reports ⭐ 312

QuillAudits Smart Contracts, deFi, NFT, tokens,Dao , Dex and DApps Audit Reports

Pwndoc Ng ⭐ 273

Pentest Report Generator

Hacking ⭐ 269

Ha3Mrx Pentesting and Security Hacking

A python tool to check subdomain takeover vulnerability

Awesome Cyber Security ⭐ 255

[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.

Droid Hunter ⭐ 244

(deprecated) Android application vulnerability analysis and Android pentest tool

Monitoring exploits & references for CVEs

Cervantes ⭐ 215

Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.

Learn365 ⭐ 207

This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.

Linux Soft Exploit Suggester ⭐ 204

Search Exploitable Software on Linux

Handbook ⭐ 196

A living document for penetration testing and offensive security.

Phpvuln ⭐ 185

🕸️ Audit tool to find common vulnerabilities in PHP source code

Nightingale ⭐ 183

It's a Docker Environment for Pentesting which having all the required tool for VAPT.

Inthewilddb ⭐ 183

Hourly updated database of exploit and exploitation reports

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities. Created based on @ofjaaah and @Jhaddix methodologies

Web Fuzz Wordlists ⭐ 159

Common Web Managers Fuzz Wordlists

vMass Bot 🪝 Vulnerability Scanner & Auto Exploiter Tool Written in Perl.

Scanner And Patcher ⭐ 145

A Web Vulnerability Scanner and Patcher

Sec Pentesting Toolkit ⭐ 144

tools for security researchers: pentesting, CTF, wargames

PAKURI has been merged with Python and launched as a new project, PAKURI-THON.

Mida Multitool ⭐ 140

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Pentest Tools Framework ⭐ 140

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

Kitsec Core ⭐ 136

Ethical hacking, made easy.

Web_hacking ⭐ 135

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Writeups ⭐ 133

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Vulnplanet ⭐ 123

Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)

Cve 2021 21315 Poc ⭐ 121

CVE 2021-21315 PoC

Vulnerable Flask App ⭐ 121

Erlik 2 - Vulnerable-Flask-App

Find Gh Poc ⭐ 117

Find CVE PoCs on GitHub

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

App Sec Wiki ⭐ 88

Files for appsecwiki.com

Nist To Tech ⭐ 88

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

ScanPro - NMap Scanning Scripts ~ Network Mapper

Firebase ⭐ 85

Exploiting misconfigured firebase databases

Awesome Web Hacking ⭐ 82

A list of web application security

| FazScan is a Perl program to do some vulnerability scanning and pentesting |

Pastebinmarkdownxss ⭐ 78

XSS in pastebin.com and reddit.com via unsanitized markdown output

Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.

Secator - the pentester's swiss knife

White Box Pentesting ⭐ 74

This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities

Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

Cvescannerv2 ⭐ 66

Nmap script that scans for probable vulnerabilities based on services discovered in open ports.

Quick Tricks ⭐ 62

Bitrix vulnerability scanner

Codeallthethings ⭐ 58

A list of threat sinks used in the manual security source code review for application security

Cve 2021 43008 Adminerread ⭐ 58

Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)

Containers ⭐ 53

Automated privilege escalation of the world's most popular Docker images.

Attack Surface Detector Burp ⭐ 50

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Rest Api ⭐ 48

REST API backend for Reconmap

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

Xattacker ⭐ 39

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Zerooo Exploitation Framework ⭐ 38

漏洞利用框架

Blindpie ⭐ 37

Automatically exploit time-based blind SQL injection vulnerabilities.

Related Searches

Security Vulnerabilities (12,350)

Laravel Vulnerabilities (11,319)

Php Vulnerabilities (8,887)

Javascript Vulnerabilities (1,306)

Python Penetration Testing (1,286)

Python Vulnerabilities (1,159)

Security Penetration Testing (767)

Vulnerabilities Scanner (695)

Vulnerabilities Exploitation (636)

Shell Penetration Testing (528)

1-28 of 28 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2025 Awesome Open Source. All rights reserved.