Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for penetration testing pentesting tools
penetration-testing
x
pentesting-tools
x
49 search results found
Scanners Box
⭐
7,972
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Sn1per
⭐
7,480
Attack Surface Management Platform
Whatweb
⭐
5,096
Next generation web scanner
Feroxbuster
⭐
5,006
A fast, simple, recursive content discovery tool written in Rust.
Nettacker
⭐
2,915
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Hoaxshell
⭐
2,678
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
Malicious Pdf
⭐
2,029
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Finalrecon
⭐
1,949
All In One Web Recon
Pwndoc
⭐
1,827
Pentest Report Generator
Pwncat
⭐
1,638
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Platypus
⭐
1,372
🔨 A modern multiple reverse shell sessions manager written in go
Lockdoor Framework
⭐
1,254
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Toxssin
⭐
1,105
An XSS exploitation command-line interface and payload generator.
Learn365
⭐
1,006
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Sysreptor
⭐
979
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Aptrs
⭐
750
Automated Penetration Testing Reporting System
Frida Ios Hook
⭐
744
A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
Offensive Docker
⭐
718
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Justtryharder
⭐
709
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
O365spray
⭐
604
Username enumeration and password spraying tool aimed at Microsoft O365.
Apkhunt
⭐
580
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Firecrack
⭐
560
🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Sstimap
⭐
546
Automatic SSTI detection tool with interactive interface
Ddexec
⭐
514
A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
Offsec Reporting
⭐
459
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
Iot Pt
⭐
389
A Virtual environment for Pentesting IoT Devices
Offensive Osint Tools
⭐
373
OffSec OSINT Pentest/RedTeam Tools
Shotdroid
⭐
274
ShotDroid is a pentesting tool for android. There are 3 tools that have their respective functions, Get files from Android directory, internal and external storage, Android Keylogger + Reverse Shell and Take a webcam shot of the face from the front camera of the phone and PC.
Pwndoc Ng
⭐
273
Pentest Report Generator
Wifi Pentesting Guide
⭐
269
WiFi Penetration Testing Guide
Rogue
⭐
269
An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Keyfinder
⭐
265
Keyfinder🔑 is a tool that let you find keys while surfing the web!
Wechat Dump Rs
⭐
239
该工具用于导出正在运行中的微信进程的 key 并自动解密所有微信数据库文件以及导出 key 后数据库文件离线解密。
Golinkfinder
⭐
217
A fast and minimal JS endpoint extractor
Learn365
⭐
207
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
Gtfoblookup
⭐
206
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).
Mksub
⭐
204
Generate tens of thousands of subdomain combinations in a matter of seconds
Handbook
⭐
196
A living document for penetration testing and offensive security.
Wraith
⭐
195
[WIP] A free and open-source, modular Remote Administration Tool (RAT) / Payload Dropper written in Go(lang) with a flexible command and control (C2) system.
Crimson
⭐
194
Web Application Security Testing Tools
Conti Pentester Guide Leak
⭐
191
Leaked pentesting manuals given to Conti ransomware crooks
Offsec Tools
⭐
181
Compiled tools for internal assessments
Rapidpayload
⭐
176
Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion
Reconky Automated_bash_script
⭐
170
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Dsieve
⭐
168
Filter and enrich a list of subdomains by level
Ics Pentesting Tools
⭐
162
A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing
Amnesiac
⭐
157
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Mkpath
⭐
154
Make URL path combinations using a wordlist
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Nix Security Box
⭐
147
Tool set for Information security professionals and all others
Wwwtree
⭐
146
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
Admin Scanner
⭐
141
This tool is design to find admin panel of any website by using custom wordlist or default wordlist easily and allow you to find admin panel trough a proxy server
Pakuri
⭐
140
PAKURI has been merged with Python and launched as a new project, PAKURI-THON.
Laf
⭐
137
This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.
Edge
⭐
131
Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
Jwtxploiter
⭐
130
A tool to test security of json web token
Smtptester
⭐
123
small python3 tool to check common vulnerabilities in SMTP servers
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Argus
⭐
111
Argus Advanced Remote & Local Keylogger For macOS and Windows
Burp Suite Pro
⭐
109
A bash and powershell script to download the latest version of Burp-Suite Professional and use it for free.
Misc
⭐
101
Scripts and other stuff.
Petep
⭐
95
PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications with various application protocols. ⚡
Mediator
⭐
91
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Nist To Tech
⭐
88
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Turbo Attack
⭐
87
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.
Xeca
⭐
86
PowerShell payload generator
Mailripv2
⭐
80
Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.
Scanpro
⭐
79
ScanPro - NMap Scanning Scripts ~ Network Mapper
Rustpad
⭐
78
Multi-threaded Padding Oracle attacks against any service. Written in Rust.
Sqli Query Tampering
⭐
74
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Smtp User Enum
⭐
74
SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
Rsgen
⭐
73
rsGen is a Reverse Shell Payload Generator for hacking.
Hacknetics
⭐
67
Contained is all my reference material for my OSCP / Red Teaming. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.
Pentest Bookmarkz
⭐
67
A collection of useful links for Pentesters
Frida_setup
⭐
63
One-click installer for Frida and Burp certs for SSL Pinning bypass
Wifi Deauth
⭐
63
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
Enumerepo
⭐
60
List all public repositories for (valid) GitHub usernames
Pwnpad
⭐
60
🐳 VMs are bloat. Dockerise your CTF environment.
Offensive Docker Vps
⭐
52
Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Xsmtp
⭐
46
xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.
Scanman
⭐
42
ScanMan is the amalgamation of Masscan, Metasploit Framework (MSF) and Nmap Scripting Engine (NSE).
Tropx
⭐
40
The swiss army knife for cybersecurity enthusiasts. All needed scripts and tools integrated into one portable and customizable CLI.
Hackarsenaltoolkit
⭐
39
Hacking arsenal. This script download the latest tools, wordlists, releases and install common hacking tools
Termux X
⭐
39
it is unofficial repository maintained by me @hax4us. you can check available packages in README
Rbust
⭐
39
[ Blazing Fast Web Fuzzer in Rust ]
Phisherprice
⭐
38
All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Yggdrasil
⭐
36
Automation script to download tools and configurate kali linux for various cybersecurity categories
Wpa2 Enterprise Attack
⭐
36
Virtual machines and scripts to attack WPA2-Enterprise networks through Rogue Access Points downgrading the authentication method to GTC
Condi Boatnet
⭐
35
Condi Boatnet Ver 1 (old killer)
Constole
⭐
35
Scan for and exploit Consul agents
Hande Stealer
⭐
34
Powerful Discord Stealer written in python
Adbnet
⭐
32
A tool that allows you to search for vulnerable android devices across the world and exploit them.
Mgwls
⭐
31
Combine words from two wordlist files and concatenate them with an optional delimiter
Sharpleftovers
⭐
30
A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup
Catspin
⭐
29
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
Ipwn
⭐
28
A Framework meant for the exploitation of iOS devices.
Alien
⭐
27
Webshell Manager Tool/一句話木馬管理工具/Trojan/Backdoor/Pentest
Packet Sequence
⭐
24
A pen-test/DoS tool that can be used to send single or multiple packets in sequences with a lot of packet customization.
Responder Parser
⭐
23
Most Responder's configuration power in your hand
Wolverineframework Discontinued
⭐
22
WolverineFramework - Free, OpenSource and easy to use Cybersecurity Framework.
Related Searches
Python Penetration Testing (1,282)
Security Penetration Testing (703)
Shell Penetration Testing (454)
Penetration Testing Red Team (413)
Scanner Penetration Testing (373)
Exploitation Penetration Testing (354)
Penetration Testing Pentest Tool (320)
Penetration Testing Security Tools (318)
Penetration Testing Information Security (284)
Penetration Testing Hacking Tool (282)
1-49 of 49 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.