Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for penetration testing offensive security
offensive-security
x
penetration-testing
x
72 search results found
Defaultcreds Cheat Sheet
⭐
5,023
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Redteaming Tactics And Techniques
⭐
3,744
Red Teaming Tactics and Techniques
Villain
⭐
3,376
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
Raccoon
⭐
2,928
A high performance offensive security tool for reconnaissance and vulnerability scanning
Nosqlmap
⭐
2,728
Automated NoSQL database enumeration and web application exploitation tool.
Black Hat Rust
⭐
2,662
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
Oscp
⭐
2,235
OSCP Cheat Sheet
Reconnoitre
⭐
2,053
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Awesome Cybersecurity Handbooks
⭐
1,980
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
Awesome Oscp
⭐
1,962
A curated list of awesome OSCP resources
Ligolo Ng
⭐
1,950
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Rapidscan
⭐
1,489
🆕 The Multi-Tool Web Vulnerability Scanner.
Chimera
⭐
1,192
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Vhostscan
⭐
1,114
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Oscp Tricks 2023
⭐
769
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
Blackmamba
⭐
688
C2/post-exploitation framework
Oscp Human Guide
⭐
582
My own OSCP guide
Powershell Obfuscation Bible
⭐
574
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
Psmapexec
⭐
549
A PowerShell tool that takes strong inspiration from CrackMapExec.
Penetration Testing Cheat Sheet
⭐
540
Work in progress...
Redteam_toolkit
⭐
512
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Vault
⭐
477
swiss army knife for hackers
Bigbountyrecon
⭐
471
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Offsec Reporting
⭐
459
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
Flask Session Cookie Manager
⭐
429
🍪 Flask Session Cookie Decoder/Encoder
Vanquish
⭐
422
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Gtfonow
⭐
414
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Badkarma
⭐
408
network reconnaissance toolkit
Pentest Everything
⭐
379
A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.
Php Reverse Shell
⭐
363
PHP shells that work on Linux OS, macOS, and Windows OS.
Android Penetration Testing Cheat Sheet
⭐
304
Work in progress...
East
⭐
293
Exploits and Security Tools Framework 2.0.1
Agartha
⭐
292
a burp extension creates dynamic payloads to reveal injection flaws(LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copys Http requests as JavaScript code.
Invoker
⭐
292
Penetration testing utility and antivirus assessment tool.
Knary
⭐
282
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
Wifi Penetration Testing Cheat Sheet
⭐
277
Work in progress...
Wifi Pentesting Guide
⭐
269
WiFi Penetration Testing Guide
Powershell Reverse Tcp
⭐
263
PowerShell scripts for communicating with a remote host.
Credphish
⭐
262
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
Ios Penetration Testing Cheat Sheet
⭐
241
Work in progress...
Hawk
⭐
227
Network, recon and offensive-security tool for Linux.
Nativepayloads
⭐
219
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
Forbidden
⭐
208
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
Hades
⭐
198
Go shellcode loader that combines multiple evasion techniques
Handbook
⭐
196
A living document for penetration testing and offensive security.
Conti Pentester Guide Leak
⭐
191
Leaked pentesting manuals given to Conti ransomware crooks
Offsec Tools
⭐
181
Compiled tools for internal assessments
Invoke Apex
⭐
175
A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Black Widow
⭐
168
GUI based offensive penetration testing tool (Open Source)
Pyphisher
⭐
154
Python tool for phishing
Crithit
⭐
152
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Nix Security Box
⭐
147
Tool set for Information security professionals and all others
Wwwtree
⭐
146
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
Offensive Dockerfiles
⭐
132
Offensive tools as Dockerfiles. Lightweight & Ready to go
Red Team Playbooks
⭐
123
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
Cve 2021 21315 Poc
⭐
121
CVE 2021-21315 PoC
Dfshell
⭐
115
D3Ext's Forward Shell
Synergy Httpx
⭐
106
A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
Pathwar
⭐
102
☠️ The Pathwar Project ☠️
Oscp
⭐
100
My OSCP journey
Spellbook
⭐
96
Framework for rapid development of offensive security tools
Arsenal
⭐
96
Offensive security tools weaponized
Terminatorz
⭐
95
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
Punk.py
⭐
94
unix SSH post-exploitation 1337 tool
Superlibrary
⭐
94
Information Security Library
Secfiles
⭐
94
My files for security assessments, bug bounty and other security related stuff
Docker_offensive_elk
⭐
90
Elasticsearch for Offensive Security
Pythonizing_nmap
⭐
85
A detailed guide showing you different ways you can incorporate Python into your workflows around Nmap.
Pentest Everything
⭐
81
This is a penetration testing cheatsheet I created to get my OSCP certification.
Suass
⭐
75
one-stop resource for all things offensive security.
Httpworker
⭐
74
A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educational use only.
Uscan
⭐
69
uscan is an automated vulnerability scanner that streamlines the process of website hacking, making it faster and more efficient than ever before.
Phaser
⭐
53
Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)
Sqli Postgres Rce Privesc Hacking Playground
⭐
52
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
Oscp Omnibus
⭐
46
A collection of resources I'm using while working toward the OSCP
Oscp A Step Forward
⭐
46
Opening the door, one reverse shell at a time
Dnsexplorer
⭐
46
Bash script that automates the enumeration of domain, subdomains & web servers in the active information gathering.
Sqlmutant
⭐
44
SQLMutant is a comprehensive SQL injection testing tool that provides several features to test for SQL injection vulnerabilities in web applications, uses various techniques to detect vulnerabilities, including pattern matching, error analysis, and timing attacks. The integration of Waybackurls and Arjun allows the tool to find additional
Hackthebox Reporting
⭐
41
Hack The Box CPTS, CBBH Exam and Lab Reporting / Note-Taking Tool
Namebuster
⭐
41
A tool for username enumeration, using text, files, or websites
Machine_learning_ctf_challenges
⭐
39
CTF challenges designed and implemented in machine learning applications
Pentesting Resources
⭐
37
Resources, repos and scripts for pentesters and bug bounty.
Offensive Security Cheatsheets
⭐
37
Offensive Security / Pentesting Cheat Sheets
Java Reverse Tcp
⭐
34
JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
Posts
⭐
34
Posts about different topics
C2pe
⭐
34
C2 and Post Exploitation Code
Haxtools
⭐
31
A highly customised CTF, bounty hunting & penetration testing environment based on the official kali-rolling docker image
Wpgen
⭐
27
Generator Malicious Plugins WordPress
Xss Catcher
⭐
26
Simple API for storing all incoming XSS requests.
W4af
⭐
23
w4af: web advanced application attack and audit framework, the open source web vulnerability scanner.
Pwnkit Exploit
⭐
22
Proof of Concept (PoC) CVE-2021-4034
Bifrost
⭐
21
Bifrost C2. Open-source post-exploitation using Discord API
Dns Exfiltrator
⭐
19
Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.
Secure Website
⭐
19
Secure website with a registration, sign in, session management, and CRUD controls.
Chad
⭐
17
Search Google Dorks like Chad. / Social media takeover tool.
Oscp
⭐
17
My notebook for OSCP Lab
Ttps
⭐
17
Tactics, Techniques, and Procedures
Oswa
⭐
17
A collection of useful commands, scripts and resources for the OSWA (WEB-200) exam of Offensive Security
Webhacking
⭐
16
This repo contain Myanmar Pentster Community web-hacking class resources and published with education purpose.
Related Searches
Python Penetration Testing (1,380)
Security Penetration Testing (767)
Scanner Penetration Testing (373)
Penetration Testing Red Team (373)
Penetration Testing Hacking Tool (334)
Penetration Testing Pentest Tool (331)
Penetration Testing Information Security (284)
Vulnerabilities Penetration Testing (227)
Penetration Testing Cybersecurity (212)
Golang Penetration Testing (208)
1-72 of 72 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.
