Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security pentest
pentest
x
security
x
785 search results found
Awesome Hacking
⭐
69,405
A collection of various awesome lists for hackers, pentesters and security researchers
Payloadsallthethings
⭐
51,120
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Hacker Roadmap
⭐
11,121
A collection of hacking tools, resources and references to practice ethical hacking.
Rustscan
⭐
10,721
🤖 The Modern Port Scanner 🤖
Awesome Security
⭐
10,312
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
Dirsearch
⭐
10,307
Web path scanner
Awesome Web Security
⭐
10,036
🐶 A curated list of Web Security materials and resources.
Juice Shop
⭐
8,703
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Nishang
⭐
7,771
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Sn1per
⭐
6,889
Attack Surface Management Platform
Objection
⭐
6,393
📱 objection - runtime mobile exploration
Wstg
⭐
5,951
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Yakit
⭐
5,549
Cyber Security ALL-IN-ONE Platform
Airgeddon
⭐
5,425
This is a multi-use bash script for Linux systems to audit wireless networks.
Cve
⭐
5,370
Gather and update all available and newest CVEs with their PoC.
Infosec_reference
⭐
5,071
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Awesome Web Hacking
⭐
4,950
A list of web application security
Allaboutbugbounty
⭐
4,793
All about bug bounty (bypasses, payloads, and etc)
Whatweb
⭐
4,727
Next generation web scanner
Awesome Infosec
⭐
4,718
A curated list of awesome infosec courses and training resources.
Reconftw
⭐
4,700
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Osmedeus
⭐
4,676
A Workflow Engine for Offensive Security
Awesome Shodan Queries
⭐
4,463
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Cheatsheet God
⭐
4,427
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Hacking Security Ebooks
⭐
4,410
Top 100 Hacking & Security E-Books (Free Download)
1earn
⭐
4,384
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Ladon
⭐
4,206
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端 11.6内置252个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SM
Faraday
⭐
4,192
Open Source Vulnerability Management Platform
Mobileapp Pentest Cheatsheet
⭐
4,158
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Active Directory Exploitation Cheat Sheet
⭐
3,972
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Free Security Ebooks
⭐
3,752
Free Security and Hacking eBooks
Pacu
⭐
3,679
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Kubernetes Goat
⭐
3,581
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Cameradar
⭐
3,451
Cameradar hacks its way into RTSP videosurveillance cameras
Learn Web Hacking
⭐
3,401
Study Notes For Web Hacking / Web安全学习笔记
Arachni
⭐
3,364
Web Application Security Scanner Framework
Awesome Pentest Cheat Sheets
⭐
3,349
Collection of the cheat sheets useful for pentesting
Pspy
⭐
3,342
Monitor linux processes without root permissions
Pocsuite3
⭐
3,207
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Drozer
⭐
3,154
The Leading Security Assessment Framework for Android.
Kscan
⭐
3,061
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议
Vulscan
⭐
2,983
Advanced vulnerability scanning with Nmap NSE
Xunfeng
⭐
2,946
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Vulmap
⭐
2,935
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Pentest Tools
⭐
2,652
A collection of custom security tools for quick needs.
Nettacker
⭐
2,584
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Awesome Hacking
⭐
2,570
Awesome hacking is an awesome collection of hacking tools.
Awesome Mobile Security
⭐
2,511
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Black Hat Rust
⭐
2,485
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
Awesome Api Security
⭐
2,352
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Astra
⭐
2,336
Automated Security Testing For REST API's
Pentest Wiki
⭐
2,307
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Awesome Nodejs Security
⭐
2,292
Awesome Node.js Security resources
Iotsecurity101
⭐
2,249
A Curated list of IoT Security Resources
Snoop
⭐
2,226
Snoop — инструмент разведки на основе открытых данных (OSINT world)
Penetration Testing Tools
⭐
2,167
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
Stowaway
⭐
2,077
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Emba
⭐
2,036
EMBA - The firmware security analyzer
Awesome Ethical Hacking Resources
⭐
2,029
🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.
31 Days Of Api Security Tips
⭐
2,006
This challenge is Inon Shkedy's 31 days API Security Tips.
Venom
⭐
1,814
Venom - A Multi-hop Proxy for Penetration Testers
Owasp Masvs
⭐
1,808
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Reconspider
⭐
1,729
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Reconnoitre
⭐
1,701
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Owtf
⭐
1,689
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Pwndoc
⭐
1,676
Pentest Report Generator
Subjack
⭐
1,665
Subdomain Takeover tool written in Go
Sn0int
⭐
1,604
Semi-automatic OSINT framework and package manager
Dirhunt
⭐
1,561
Find web directories without bruteforce
Weird_proxies
⭐
1,536
Reverse proxies cheatsheet
Burpgpt
⭐
1,480
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
Metlo
⭐
1,451
Metlo is an open-source API security platform.
Cloakify
⭐
1,432
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Collection Document
⭐
1,416
Collection of quality safety articles. Awesome articles.
Diamorphine
⭐
1,411
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Sx
⭐
1,317
🖖 Fast, modern, easy-to-use network scanner
Top25 Parameter
⭐
1,311
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Damn Vulnerable Graphql Application
⭐
1,291
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Sprayingtoolkit
⭐
1,283
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Needle
⭐
1,277
The iOS Security Testing Framework
Fuxi
⭐
1,273
Penetration Testing Platform
Pyrdp
⭐
1,273
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Pentest Book
⭐
1,266
Deathstar
⭐
1,244
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Intrigue Core
⭐
1,205
Discover Your Attack Surface!
Noseyparker
⭐
1,162
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
Mongoaudit
⭐
1,154
🔥 A powerful MongoDB auditing and pentesting tool 🔥
Evilgrade
⭐
1,132
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
Security List
⭐
1,130
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与
Goby
⭐
1,081
Attack surface mapping
Interlace
⭐
1,080
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Mutillidae
⭐
1,071
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
Vhostscan
⭐
1,064
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Wordlists
⭐
1,064
Real-world infosec wordlists, updated regularly
Changeme
⭐
1,058
A default credential scanner.
Metabigor
⭐
1,003
OSINT tools and more but without API ke
K8cscan
⭐
996
K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用 C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆 Strike联动
Cariddi
⭐
989
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Linuxprivchecker
⭐
934
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Broxy
⭐
932
An HTTP/HTTPS intercept proxy written in Go.
Related Searches
Security Vulnerability (12,341)
Laravel Security (11,580)
Php Security (10,611)
Penetration Testing Pentest (3,759)
Python Security (3,710)
Pentesting Pentest (3,160)
Javascript Security (3,011)
Java Security (2,509)
Html Security (2,245)
Python Pentest (1,449)
1-100 of 785 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2023 Awesome Open Source. All rights reserved.
