Awesome Open Source

Programming Languages

Search results for penetration testing security audit

penetration-testing x

security-audit x

50 search results found

Scanners Box ⭐ 7,927

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Faraday ⭐ 4,422

Open Source Vulnerability Management Platform

Arachni ⭐ 3,632

Web Application Security Scanner Framework

Vulscan ⭐ 2,983

Advanced vulnerability scanning with Nmap NSE

Xunfeng ⭐ 2,946

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Nosqlmap ⭐ 2,728

Automated NoSQL database enumeration and web application exploitation tool.

Reconnoitre ⭐ 2,053

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Owasp Masvs ⭐ 1,938

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

Pwndoc ⭐ 1,827

Pentest Report Generator

Sn0int ⭐ 1,749

Semi-automatic OSINT framework and package manager

Diamorphine ⭐ 1,639

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Dsinternals ⭐ 1,476

Directory Services Internals (DSInternals) PowerShell Module and Framework

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Pythem ⭐ 1,172

pentest framework

Vhostscan ⭐ 1,114

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Sysreptor ⭐ 979

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

Enum4linux Ng ⭐ 896

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Hacking Toolkit

Cansina ⭐ 852

Web Content Discovery Tool

Wordpress Exploit Framework ⭐ 822

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Web Cache Vulnerability Scanner ⭐ 756

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

Gourdscanv2 ⭐ 683

被动式漏洞扫描系统

Dradis Ce ⭐ 608

Dradis Framework: Colllaboration and reporting for IT Security teams

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Archstrike ⭐ 487

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Securitymanageframwork ⭐ 421

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Badkarma ⭐ 409

network reconnaissance toolkit

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Set of tools to audit SIP based VoIP Systems

Quillaudit_reports ⭐ 312

QuillAudits Smart Contracts, deFi, NFT, tokens,Dao , Dex and DApps Audit Reports

Pwndoc Ng ⭐ 273

Pentest Report Generator

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

Open-source vulnerability scanner

Nndefaccts ⭐ 228

nnposter's alternate fingerprint dataset for Nmap script http-default-accounts

Default Http Login Hunter ⭐ 211

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

Minimalistic Offensive Security Tools ⭐ 200

A repository of tools for pentesting of restricted and isolated environments.

Minesweeper ⭐ 188

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Recsech ⭐ 161

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Crithit ⭐ 152

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Scanner And Patcher ⭐ 145

A Web Vulnerability Scanner and Patcher

Sqlite Lab ⭐ 145

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

The_hive ⭐ 137

My public notes about offensive security

Faction ⭐ 133

Pen Test Report Generation and Assessment Collaboration

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Zap Cli ⭐ 130

A simple tool for interacting with OWASP ZAP from the commandline.

Vsaudit ⭐ 104

VOIP Security Audit Framework

Ad Assessmentkit ⭐ 103

Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Secfiles ⭐ 94

My files for security assessments, bug bounty and other security related stuff

Git Scanner ⭐ 92

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Mailripv2 ⭐ 80

Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.

Secator - the pentester's swiss knife

one-stop resource for all things offensive security.

Defcon 26 Workshop Attacking And Auditing Docker Containers ⭐ 70

DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source

Cvescannerv2 ⭐ 66

Nmap script that scans for probable vulnerabilities based on services discovered in open ports.

Resources ⭐ 64

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Codeallthethings ⭐ 58

A list of threat sinks used in the manual security source code review for application security

Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)

Industrial Security Auditing Framework ⭐ 52

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-aud

Dimorf is a ransomware using 256-bit AES with a self-destructing, randomly generated key for Linux OS´s

Enumerate AWS cloud resources based on provided credential

Passmute ⭐ 39

PassMute - A multi featured Password Transmutation/Mutator Tool

Handshake Cracker ⭐ 37

Handshake cracker

Pentesting Multitool ⭐ 34

Different utility scripts for pentesting and hacking.

A very flexible phone number wordlist generator

ITWSV- Integrated Tool for Web Security Vulnerability

Awesome Physec ⭐ 28

Repository containing useful links for all things Physical Security. Please contribute!

Labsecurity ⭐ 21

Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.

Androsectest ⭐ 20

From this app, Connect a Phone, Extract any app from It, Decompile, Deobfuscate, Remove Certificate Pinning and Repackage it. Meanwhile, Perform some Static and Dynamic Analysis on It.

Pentesting ⭐ 20

Misc. Public Reports of Penetration Testing and Security Audits.

SMBScan is a tool to enumerate file shares on an internal network.

Installer ⭐ 17

Installation script for Codename SCNR.

Zaproxy Automation ⭐ 17

This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sites

Mailripv3 ⭐ 16

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Protocol Analyzer ⭐ 16

Fuzz testing framework for network protocols.

Api_paths ⭐ 15

A list of REST API URL paths for use in blackbox API end-point discovery

Haram Tool Hacker Penetration Master ⭐ 13

Haram Tool is Software Web Penetration Testing Tool.

Redjoust ⭐ 11

A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.

Codeargos ⭐ 10

A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.

Multithreaded ssh scan tool for networks

Pcap_injector ⭐ 5

A CLI tool for creating network covert channels within .pcap files.

External Audits ⭐ 5

External audits

Jok3r - Network and Web Pentest Framework

Burp Security Headers Checker ⭐ 5

Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses

Related Searches

Python Penetration Testing (1,368)

Security Penetration Testing (767)

Scanner Penetration Testing (373)

1-50 of 50 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.