Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for penetration testing security audit
penetration-testing
x
security-audit
x
50 search results found
Scanners Box
⭐
7,927
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Faraday
⭐
4,422
Open Source Vulnerability Management Platform
Arachni
⭐
3,632
Web Application Security Scanner Framework
Vulscan
⭐
2,983
Advanced vulnerability scanning with Nmap NSE
Xunfeng
⭐
2,946
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Nosqlmap
⭐
2,728
Automated NoSQL database enumeration and web application exploitation tool.
Reconnoitre
⭐
2,053
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Owasp Masvs
⭐
1,938
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Pwndoc
⭐
1,827
Pentest Report Generator
Sn0int
⭐
1,749
Semi-automatic OSINT framework and package manager
Diamorphine
⭐
1,639
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Dsinternals
⭐
1,476
Directory Services Internals (DSInternals) PowerShell Module and Framework
Inql
⭐
1,378
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Pythem
⭐
1,172
pentest framework
Vhostscan
⭐
1,114
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Sysreptor
⭐
979
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Enum4linux Ng
⭐
896
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Habu
⭐
853
Hacking Toolkit
Cansina
⭐
852
Web Content Discovery Tool
Wordpress Exploit Framework
⭐
822
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Web Cache Vulnerability Scanner
⭐
756
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Gourdscanv2
⭐
683
被动式漏洞扫描系统
Dradis Ce
⭐
608
Dradis Framework: Colllaboration and reporting for IT Security teams
Jok3r
⭐
564
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Archstrike
⭐
487
An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Securitymanageframwork
⭐
421
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Badkarma
⭐
409
network reconnaissance toolkit
Otseca
⭐
384
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Sippts
⭐
347
Set of tools to audit SIP based VoIP Systems
Quillaudit_reports
⭐
312
QuillAudits Smart Contracts, deFi, NFT, tokens,Dao , Dex and DApps Audit Reports
Pwndoc Ng
⭐
273
Pentest Report Generator
Rspet
⭐
251
RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Mageni
⭐
251
Open-source vulnerability scanner
Nndefaccts
⭐
228
nnposter's alternate fingerprint dataset for Nmap script http-default-accounts
Default Http Login Hunter
⭐
211
Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Minimalistic Offensive Security Tools
⭐
200
A repository of tools for pentesting of restricted and isolated environments.
Minesweeper
⭐
188
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Recsech
⭐
161
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Crithit
⭐
152
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Scanner And Patcher
⭐
145
A Web Vulnerability Scanner and Patcher
Sqlite Lab
⭐
145
This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
The_hive
⭐
137
My public notes about offensive security
Faction
⭐
133
Pen Test Report Generation and Assessment Collaboration
Horn3t
⭐
133
Powerful Visual Subdomain Enumeration at the Click of a Mouse
Zap Cli
⭐
130
A simple tool for interacting with OWASP ZAP from the commandline.
Vsaudit
⭐
104
VOIP Security Audit Framework
Ad Assessmentkit
⭐
103
Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam.
Catnip
⭐
102
Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Secfiles
⭐
94
My files for security assessments, bug bounty and other security related stuff
Git Scanner
⭐
92
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Mailripv2
⭐
80
Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.
Secator
⭐
77
Secator - the pentester's swiss knife
Suass
⭐
75
one-stop resource for all things offensive security.
Defcon 26 Workshop Attacking And Auditing Docker Containers
⭐
70
DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
Cvescannerv2
⭐
66
Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
Resources
⭐
64
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Codeallthethings
⭐
58
A list of threat sinks used in the manual security source code review for application security
Phaser
⭐
53
Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)
Industrial Security Auditing Framework
⭐
52
ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-aud
Dimorf
⭐
49
Dimorf is a ransomware using 256-bit AES with a self-destructing, randomly generated key for Linux OS´s
Awsenum
⭐
44
Enumerate AWS cloud resources based on provided credential
Passmute
⭐
39
PassMute - A multi featured Password Transmutation/Mutator Tool
Handshake Cracker
⭐
37
Handshake cracker
Pentesting Multitool
⭐
34
Different utility scripts for pentesting and hacking.
Pnwgen
⭐
30
A very flexible phone number wordlist generator
Itwsv
⭐
28
ITWSV- Integrated Tool for Web Security Vulnerability
Awesome Physec
⭐
28
Repository containing useful links for all things Physical Security. Please contribute!
Labsecurity
⭐
21
Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
Androsectest
⭐
20
From this app, Connect a Phone, Extract any app from It, Decompile, Deobfuscate, Remove Certificate Pinning and Repackage it. Meanwhile, Perform some Static and Dynamic Analysis on It.
Pentesting
⭐
20
Misc. Public Reports of Penetration Testing and Security Audits.
Smbscan
⭐
19
SMBScan is a tool to enumerate file shares on an internal network.
Installer
⭐
17
Installation script for Codename SCNR.
Zaproxy Automation
⭐
17
This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sites
Mailripv3
⭐
16
SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Protocol Analyzer
⭐
16
Fuzz testing framework for network protocols.
Api_paths
⭐
15
A list of REST API URL paths for use in blackbox API end-point discovery
Haram Tool Hacker Penetration Master
⭐
13
Haram Tool is Software Web Penetration Testing Tool.
Redjoust
⭐
11
A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.
Codeargos
⭐
10
A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.
Sshscan
⭐
7
Multithreaded ssh scan tool for networks
Pcap_injector
⭐
5
A CLI tool for creating network covert channels within .pcap files.
External Audits
⭐
5
External audits
Jok3r
⭐
5
Jok3r - Network and Web Pentest Framework
Burp Security Headers Checker
⭐
5
Super simple Burp Suite extension adding passive scanner checks for missing security headers in server responses
Related Searches
Python Penetration Testing (1,368)
Security Penetration Testing (767)
Scanner Penetration Testing (373)
1-50 of 50 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.