Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for pentest tool
pentest-tool
x
417 search results found
Dirsearch
⭐
11,165
Web path scanner
Hackbrowserdata
⭐
9,965
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
Thc Hydra
⭐
8,480
hydra
Sn1per
⭐
7,480
Attack Surface Management Platform
Oneforall
⭐
7,315
OneForAll是一款功能强大的子域收集工具
Monkey
⭐
6,414
Infection Monkey - An open-source adversary emulation platform
Httpx
⭐
6,399
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Reconftw
⭐
5,204
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Osmedeus
⭐
5,076
A Workflow Engine for Offensive Security
Scan4all
⭐
4,909
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
1earn
⭐
4,841
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Arl
⭐
4,502
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Redteam Tools
⭐
4,019
Tools and Techniques for Red Team / Penetration Testing
Phonesploit Pro
⭐
3,899
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
Winpwn
⭐
3,151
Automation for internal Windows Penetrationtest / AD-Security
Kb
⭐
3,024
A minimalist command line knowledge base manager
Vulmap
⭐
2,935
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Raccoon
⭐
2,928
A high performance offensive security tool for reconnaissance and vulnerability scanning
Lscript
⭐
2,921
The LAZY script will make your life easier, and of course faster.
Burpsuite Collections
⭐
2,914
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解 of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
Dirmap
⭐
2,908
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、ca
Privesccheck
⭐
2,438
Privilege Escalation Enumeration Script for Windows
Ssrf Testing
⭐
2,274
SSRF (Server Side Request Forgery) testing resources
Stowaway
⭐
2,195
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Cloudflair
⭐
2,143
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Sudo_killer
⭐
2,032
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
Ligolo Ng
⭐
1,950
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Finalrecon
⭐
1,949
All In One Web Recon
Redteam_blueteam_hw
⭐
1,922
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
Venom
⭐
1,911
Venom - A Multi-hop Proxy for Penetration Testers
Dismap
⭐
1,840
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Xssor2
⭐
1,797
XSS'OR - Hack with JavaScript.
One Lin3r
⭐
1,639
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
Pwncat
⭐
1,638
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Netexec
⭐
1,596
The Network Execution Tool
Eggshell
⭐
1,589
iOS/macOS/Linux Remote Administration Tool
F8x
⭐
1,553
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
Linwinpwn
⭐
1,512
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
Cloakify
⭐
1,483
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Odat
⭐
1,405
ODAT: Oracle Database Attacking Tool
Top25 Parameter
⭐
1,311
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Fuxi
⭐
1,310
Penetration Testing Platform
Dronesploit
⭐
1,306
Drone pentesting framework console
Lockdoor Framework
⭐
1,254
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Attiny85
⭐
1,129
RubberDucky like payloads for DigiSpark Attiny85
Crosslinked
⭐
1,060
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Satansword
⭐
1,048
红队综合渗透框架
Perun
⭐
1,037
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫
Inventory
⭐
1,019
Asset inventory of over 800 public bug bounty programs.
Babysploit
⭐
996
👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
House
⭐
960
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Linuxprivchecker
⭐
934
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Evillimiter
⭐
928
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Passhunt
⭐
898
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Enum4linux Ng
⭐
896
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Habu
⭐
853
Hacking Toolkit
Cloudpeler
⭐
841
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
Hosthunter
⭐
826
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Pentesttools
⭐
816
Awesome Pentest Tools Collection
Pompem
⭐
794
Find exploit tool
Msdat
⭐
754
MSDAT: Microsoft SQL Database Attacking Tool
Cloudbrute
⭐
750
Awesome cloud enumerator
Subscraper
⭐
734
Subdomain and target enumeration tool built for offensive security testing
Justtryharder
⭐
709
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Dumpsterfire
⭐
709
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Blackmamba
⭐
688
C2/post-exploitation framework
Wpforce
⭐
657
Wordpress Attack Suite
Thc Archive
⭐
632
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Serverscan
⭐
624
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Rdpassspray
⭐
612
Python3 tool to perform password spraying using RDP
Packetwhisper
⭐
607
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Dirble
⭐
592
Fast directory scanning and scraping tool
Censys Subdomain Finder
⭐
589
⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Rustcat
⭐
575
Rustcat(rcat) - The modern Port listener and Reverse shell
Impost3r
⭐
556
👻Impost3r -- A linux password thief
Sstimap
⭐
546
Automatic SSTI detection tool with interactive interface
Open Redirect Payloads
⭐
532
Open Redirect Payloads
Haiti
⭐
532
🔑 Hash type identifier (CLI & lib)
Nullinux
⭐
525
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Envizon
⭐
519
network visualization & pentest reporting
Vajra
⭐
511
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Webkiller
⭐
500
Tool Information Gathering Write By Python.
Crlfsuite
⭐
499
The most powerful CRLF injection (HTTP Response Splitting) scanner.
Yasuo
⭐
491
A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Okadminfinder3
⭐
473
[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
Bigbountyrecon
⭐
471
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Overlord
⭐
463
Overlord - Red Teaming Infrastructure Automation
Pentest101
⭐
456
一些关于渗透测试的Tips
Heroinn
⭐
446
A cross platform C2/post-exploitation framework.
Pivotsuite
⭐
423
Network Pivoting Toolkit
Gadgetprobe
⭐
420
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Badkarma
⭐
408
network reconnaissance toolkit
Pymeta
⭐
398
Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Suid3num
⭐
393
A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Revsuit
⭐
389
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
Karkinos
⭐
386
Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Samuraiwtf
⭐
383
The main SamuraiWTF collaborative distro repo.
Kaboom
⭐
380
A tool to automate penetration tests
Pentest Everything
⭐
379
A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.
Hackerenv
⭐
375
Related Searches
Penetration Testing Pentest Tool (327)
1-100 of 417 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.