Awesome Open Source

Programming Languages

Search results for penetration testing cybersecurity

cybersecurity x

penetration-testing x

125 search results found

H4cker ⭐ 15,693

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

Spiderfoot ⭐ 11,035

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Sn1per ⭐ 7,480

Attack Surface Management Platform

Defaultcreds Cheat Sheet ⭐ 5,023

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Faraday ⭐ 4,422

Open Source Vulnerability Management Platform

Free Security Ebooks ⭐ 4,126

Free Security and Hacking eBooks

Redteam Tools ⭐ 4,019

Tools and Techniques for Red Team / Penetration Testing

Security Study Plan ⭐ 3,949

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Phonesploit Pro ⭐ 3,899

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

Villain ⭐ 3,376

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

Payloads ⭐ 3,289

Git All the Payloads! A collection of web attack payloads.

Awesome Nodejs Security ⭐ 2,515

Awesome Node.js Security resources

Blackbird ⭐ 2,073

An OSINT tool to search for accounts by username in social networks.

Awesome Cybersecurity Handbooks ⭐ 1,980

A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.

Reconspider ⭐ 1,729

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Burpgpt ⭐ 1,725

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.

Dorks Collections List ⭐ 1,608

List of Github repositories and articles with list of dorks for different search engines

Metlo ⭐ 1,537

Metlo is an open-source API security platform.

A Red Teamer Diaries ⭐ 1,294

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Lockdoor Framework ⭐ 1,254

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Recoverpy ⭐ 1,163

Interactively find and recover deleted or 👉 overwritten 👈 files from your terminal

Fbi Tools ⭐ 1,153

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

Mutillidae ⭐ 1,113

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

Api Securityempire ⭐ 1,089

API Security Project aims to present unique attack & defense methods in API Security field

Athena Iso ⭐ 902

Athena OS is an Arch Linux-based distro focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!

Passhunt ⭐ 898

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Ssh Snake ⭐ 874

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

Awesome List Of Secrets In Environment Variables ⭐ 722

🦄🔒 Awesome list of secrets in environment variables 🖥️

Penetration Testing Study Notes ⭐ 637

Penetration Testing notes, resources and scripts

Autopwn Suite ⭐ 636

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

Datasurgeon ⭐ 630

Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers and a lot More From Text

Zeuscloud ⭐ 628

Open Source Cloud Security

Log4j Detector ⭐ 622

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Cve 2021 44228 Poc Log4j Bypass Words ⭐ 611

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Cybersecurity ⭐ 568

A collection of essential and foundational cybersecurity knowledge, thoughtfully organized for easy comprehension to passionate learners.

Resolvers ⭐ 536

The most exhaustive list of reliable DNS resolvers.

🔑 Hash type identifier (CLI & lib)

Application Security ⭐ 519

Resources for Application Security including Web, API, Android, iOS and Thick Client

Bigbountyrecon ⭐ 471

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Practicalcybersecurityresources ⭐ 471

This repository contains a curated list of resources I suggest on LinkedIn and Twitter.📝🌝

Ghosttrack ⭐ 470

Useful tool to track location or mobile number

Exploit Notes ⭐ 454

Sticky notes for pentesting, bug bounty, CTF.

Bug Bounty Methodology ⭐ 438

These are my checklists which I use during my hunting.

Powershell Red Team ⭐ 437

Collection of PowerShell functions a Red Teamer may use in an engagement

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

Pentesting automation platform that combines hacking tools to complete assessments

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Bounceback ⭐ 382

↕️🤫 Stealth redirector for your red team operation security

CTF Cheat Sheet + Writeups / Files for some of the Cyber CTFs that I've done

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Thank You For Using NIVOS :> [NIVOS Created By NIVO Team]

Phishapi ⭐ 367

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

Emploleaks ⭐ 352

An OSINT tool that helps detect members of a company with leaked credentials

Offensive Reverse Shell Cheat Sheet ⭐ 351

Collection of reverse shells for red team operations, penetration testing, and offensive security.

Awesome Cybersec Resources ⭐ 314

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Agartha ⭐ 292

a burp extension creates dynamic payloads to reveal injection flaws(LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copys Http requests as JavaScript code.

Graphcrawler ⭐ 268

GraphQL automated security testing toolkit

Evilginx3 Phishlets ⭐ 268

Learn my systematic process of creating Evilginx Phishlets from scratch: https://www.simplerhacking.com

Betterbackdoor ⭐ 262

A backdoor with a multitude of features.

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

An advanced tool for email reconnaissance

Bucketloot ⭐ 252

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

Open-source vulnerability scanner

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Netlas Cookbook ⭐ 229

The goal of this guide is very simple - to teach anyone interested in cyber security, regardless of their knowledge level, how to make the most of Netlas.io.

Network, recon and offensive-security tool for Linux.

Hackingtoolkit ⭐ 220

ALL IN ONE Hacking Tool For Hackers, Penetration Tester and Cybersecurity. New Version Beginner to Advanced Tool. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

Web Security Scanner

Oscp Cheat Sheet ⭐ 217

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

Api Securityempire ⭐ 204

API Security Projecto aims to present unique attack & defense methods in API Security field

Oblivion ⭐ 203

Data leak checker & OSINT Tool

Awesome Ios Security ⭐ 201

A curated list of awesome iOS application security resources.

Handbook ⭐ 196

A living document for penetration testing and offensive security.

Conti Pentester Guide Leak ⭐ 191

Leaked pentesting manuals given to Conti ransomware crooks

Nightingale ⭐ 183

It's a Docker Environment for Pentesting which having all the required tool for VAPT.

Tryhackme Ctf ⭐ 178

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Lucifer ⭐ 177

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Redditc2 ⭐ 174

Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.

Docker Security Images ⭐ 173

🔐 Docker Container for Penetration Testing & Security

Black Widow ⭐ 168

GUI based offensive penetration testing tool (Open Source)

Offsectools_www ⭐ 162

A vast collection of security tools and resources curated by the community.

Pentesting Bugbounty ⭐ 162

Bringing infosec community, group and leaders together that solve community challenges, problems, create cultural and provide value to Infosec community.

Pycript ⭐ 153

Burp Suite extension for bypassing client-side encryption using custom logic for pentesting and bug bounty

Admin Scanner ⭐ 141

This tool is design to find admin panel of any website by using custom wordlist or default wordlist easily and allow you to find admin panel trough a proxy server

Kali Linux Tools Interface ⭐ 141

Graphical Web interface developed to facilitate the use of security information tools.

Skanuvaty ⭐ 140

Dangerously fast DNS/network/port scanner

Shodan Dorks ⭐ 140

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

Information Security ⭐ 138

A place where I can create, collect and share tooling, resources and knowledge about information security.

Sharpstrike ⭐ 137

A Post exploitation tool written in C# uses either CIM or WMI to query remote systems.

The_hive ⭐ 137

My public notes about offensive security

Kitsec Core ⭐ 136

Ethical hacking, made easy.

Writeups ⭐ 133

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Witch_craft ⭐ 125

WITCH_CRAFT is a versatile task automation software designed to serve as the foundation for various cyber security modules. It provides capabilities for tasks such as forensic research, OSINT (Open Source Intelligence), scanning, backup and copying, intrusion testing of applications and APIs, and more.

Cve 2021 21315 Poc ⭐ 121

CVE 2021-21315 PoC

Webstor ⭐ 119

A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.

Infosec And Hacking Scripts ⭐ 118

🚀 This is a collection of hacking🔥 and pentesting 🧐 scripts to help with enumeration, OSINT, exploitation and post exploitation automated scripts to make hacking easier🌠. Have fun!😎

Awesome Ddos Tools ⭐ 115

Collection of several DDos tools.

Argus Advanced Remote & Local Keylogger For macOS and Windows

Ejpt Notes ⭐ 103

Notes I took while preparing for eJPT certification by eLearn Security (passed 19/20)

Related Searches

Python Penetration Testing (1,380)

Python Cybersecurity (791)

Security Penetration Testing (767)

Shell Penetration Testing (520)

Security Cybersecurity (470)

Scanner Penetration Testing (373)

1-100 of 125 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.