Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for penetration testing pentesting tools
penetration-testing
x
pentesting-tools
x
39 search results found
Scanners Box
⭐
8,001
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Sn1per
⭐
7,480
Attack Surface Management Platform
Whatweb
⭐
5,371
Next generation web scanner
Feroxbuster
⭐
5,006
A fast, simple, recursive content discovery tool written in Rust.
Nettacker
⭐
2,915
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Hoaxshell
⭐
2,678
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
Finalrecon
⭐
2,054
All In One Web Recon
Pwndoc
⭐
1,827
Pentest Report Generator
Pwncat
⭐
1,727
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Lockdoor Framework
⭐
1,254
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Toxssin
⭐
1,105
An XSS exploitation command-line interface and payload generator.
Sysreptor
⭐
979
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Frida Ios Hook
⭐
744
A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
Offensive Docker
⭐
721
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
O365spray
⭐
604
Username enumeration and password spraying tool aimed at Microsoft O365.
Apkhunt
⭐
580
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Sstimap
⭐
546
Automatic SSTI detection tool with interactive interface
Ddexec
⭐
514
A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
Offsec Reporting
⭐
459
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
Iot Pt
⭐
389
A Virtual environment for Pentesting IoT Devices
Offensive Osint Tools
⭐
373
OffSec OSINT Pentest/RedTeam Tools
Pwndoc Ng
⭐
273
Pentest Report Generator
Wifi Pentesting Guide
⭐
269
WiFi Penetration Testing Guide
Rogue
⭐
269
An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Keyfinder
⭐
265
Keyfinder🔑 is a tool that let you find keys while surfing the web!
Golinkfinder
⭐
217
A fast and minimal JS endpoint extractor
Wraith
⭐
211
[WIP] A free and open-source, modular Remote Administration Tool (RAT) / Payload Dropper written in Go(lang) with a flexible command and control (C2) system.
Learn365
⭐
207
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
Gtfoblookup
⭐
206
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).
Mksub
⭐
204
Generate tens of thousands of subdomain combinations in a matter of seconds
Handbook
⭐
196
A living document for penetration testing and offensive security.
Crimson
⭐
194
Web Application Security Testing Tools
Conti Pentester Guide Leak
⭐
191
Leaked pentesting manuals given to Conti ransomware crooks
Offsec Tools
⭐
181
Compiled tools for internal assessments
Rapidpayload
⭐
176
Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion
Dsieve
⭐
168
Filter and enrich a list of subdomains by level
Amnesiac
⭐
157
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Mkpath
⭐
154
Make URL path combinations using a wordlist
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Nix Security Box
⭐
147
Tool set for Information security professionals and all others
Wwwtree
⭐
146
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
Pakuri
⭐
140
PAKURI has been merged with Python and launched as a new project, PAKURI-THON.
Edge
⭐
131
Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
Jwtxploiter
⭐
130
A tool to test security of json web token
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Misc
⭐
101
Scripts and other stuff.
Petep
⭐
95
PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications with various application protocols. ⚡
Nist To Tech
⭐
88
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Turbo Attack
⭐
87
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.
Xeca
⭐
86
PowerShell payload generator
Scanpro
⭐
79
ScanPro - NMap Scanning Scripts ~ Network Mapper
Rustpad
⭐
78
Multi-threaded Padding Oracle attacks against any service. Written in Rust.
Sqli Query Tampering
⭐
74
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Pentest Bookmarkz
⭐
67
A collection of useful links for Pentesters
Wifi Deauth
⭐
63
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
Frida_setup
⭐
63
One-click installer for Frida and Burp certs for SSL Pinning bypass
Pwnpad
⭐
60
🐳 VMs are bloat. Dockerise your CTF environment.
Enumerepo
⭐
60
List all public repositories for (valid) GitHub usernames
Tropx
⭐
40
The swiss army knife for cybersecurity enthusiasts. All needed scripts and tools integrated into one portable and customizable CLI.
Hackarsenaltoolkit
⭐
39
Hacking arsenal. This script download the latest tools, wordlists, releases and install common hacking tools
Wpa2 Enterprise Attack
⭐
36
Virtual machines and scripts to attack WPA2-Enterprise networks through Rogue Access Points downgrading the authentication method to GTC
Yggdrasil
⭐
36
Automation script to download tools and configurate kali linux for various cybersecurity categories
Condi Boatnet
⭐
35
Condi Boatnet Ver 1 (old killer)
Hande Stealer
⭐
34
Powerful Discord Stealer written in python
Mgwls
⭐
31
Combine words from two wordlist files and concatenate them with an optional delimiter
Sharpleftovers
⭐
30
A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup
Catspin
⭐
29
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
Alien
⭐
27
Webshell Manager Tool/一句話木馬管理工具/Trojan/Backdoor/Pentest
Packet Sequence
⭐
24
A pen-test/DoS tool that can be used to send single or multiple packets in sequences with a lot of packet customization.
Responder Parser
⭐
23
Most Responder's configuration power in your hand
Spraycannon
⭐
22
Fast multithreaded multiplatform password spraying tool designed for easy use. Supports webhooks, jitter, delay, files, rotation, backend database
Wolverineframework Discontinued
⭐
22
WolverineFramework - Free, OpenSource and easy to use Cybersecurity Framework.
Hackbar
⭐
21
HackBar is a security audit tool that will enable you to pentest websites more easily. ... You can use it to check site security by performing SQL injections, XSS holes and more. It also has a user-friendly interface that makes it easy for you to do fuzz testing, hash generation, encoding and more.
Arsenal
⭐
20
Tools for bug hunting in a container
Crowbar
⭐
19
A windows post exploitation tool that contains a lot of features for information gathering and more.
Python For Ethical Hacking
⭐
17
Build tools for hacking ethically using python.
Blestsploit
⭐
16
BlestSploit Framework, exploitation framework for Ethical Hackers and CyberSecurity Experts & Pentesters
Memdlopen
⭐
16
dlopen() filelessly a shared object or even a program (and run it).
Androset
⭐
15
Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite.
Paraforge
⭐
13
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
Searcher
⭐
13
Run a base query (plus optional add-ons) through ask, bing, brave, duck duck go, yahoo, and yandex.
Useragent Fuzz Lib
⭐
12
User-agent Fuzzing Library. This repository holds data of all the user agents in the `user_agents.json` file, which can be used directly with any tool that can parse json format.
Mavoc
⭐
12
Mavoc is an Automated c2 Windows and Linux Pentesting Tool used to generate reverse shell and deploy attacking scripts to host machines and can maintain multiple reverse connections .
Pentesting
⭐
11
Cyber Security
Gosublister
⭐
11
A uber fast subdomain enumerator for web URLs using the power of Goroutines.
Keylogger
⭐
11
A Keylogger made in Python that sends you the collected data via email.
Pmr
⭐
11
PMR - PT & VA Management & Reporting is a collaboration platform for pen-testing. PMR Platform is maintained by @SabrySecurity https://sabry.sa
Multitool
⭐
10
Simple Penetration Testing Multitool For Beginners.
Codeargos
⭐
10
A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.
Khata
⭐
9
WebHook for Red Team
Ethical Hacking
⭐
9
Codes for malware, viruses and key-logger and other tools
Autoreverse
⭐
9
This tool configure malicious payloads such as .exe, .dll, php and ps1 files.
Hacking With Kali Cheatsheets
⭐
8
This repository is all about text files containing the way /steps to penetrate a system . it includes network pentesting ,web pentesting , network sniffing ,network cracking ,brute forcing and MITM attacks docs for http connection only .
Digit
⭐
8
Extract endpoints from specific Git repository for fuzzing
X_insta
⭐
7
X_INSTA Powerful INSTAGRAM Password Brute Force Tool For Windows
Subdo
⭐
7
Subdo is a Pentesting/OSINT software that automates the enumeration, verification and analysis of subdomains, using public registries such as Shodan or crt.sh.
Advanced Penetration Testing Script
⭐
7
The script is an advanced Python-based tool that can be used to test a website for various vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF) and insecure file upload.
Godigdomain
⭐
7
用Go语言编写的域名爆破工具
Delebetor
⭐
6
Installs and adjusts Pentest tools.
Rabbitmq Pentesting
⭐
6
RabbitMQ exploit and Pentesting guide for penetration tester
Related Searches
Python Penetration Testing (1,282)
Security Penetration Testing (703)
Shell Penetration Testing (454)
Penetration Testing Red Team (413)
Scanner Penetration Testing (373)
Exploitation Penetration Testing (354)
Penetration Testing Pentest Tool (320)
Penetration Testing Security Tools (318)
Penetration Testing Information Security (284)
Penetration Testing Hacking Tool (282)
1-39 of 39 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.