Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for pentest tool
pentest-tool
x
417 search results found
Dotdotslash
⭐
366
Search for Directory Traversal Vulnerabilities
Sippts
⭐
347
Set of tools to audit SIP based VoIP Systems
Sharphostinfo
⭐
345
SharpHostInfo是一款快速探测内网主机信息工具(深信服深蓝实验室天威战队强力驱动)
Cloudbunny
⭐
342
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Koko Moni
⭐
338
一个网络空间搜索引擎监控平台,可定时进行资产信息爬取,及时发现新增资产,本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源,并对获取到的数据进行去重与清洗
Susanoo
⭐
322
A REST API security testing framework.
Perfusion
⭐
316
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
Sbscan
⭐
316
SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行springboot未授权 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]
Darkside
⭐
315
Tool Information Gathering & social engineering Write By [Python,JS,PHP]
Esp Rfid Tool
⭐
313
A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.
Watchdog
⭐
309
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Getaltname
⭐
306
Extract subdomains from SSL certificates in HTTPS sites.
Txtool
⭐
305
an easy pentesting tool.
Userefuzz
⭐
302
User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
Eyejo
⭐
294
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快
Socialfishmobile
⭐
284
📱 🐟 An app to remote control SocialFish.
Shotdroid
⭐
274
ShotDroid is a pentesting tool for android. There are 3 tools that have their respective functions, Get files from Android directory, internal and external storage, Android Keylogger + Reverse Shell and Take a webcam shot of the face from the front camera of the phone and PC.
Espkey
⭐
272
Wiegand data logger, replay device and micro door-controller
Rogue
⭐
269
An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Jwtcat
⭐
258
A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Phoenixc2
⭐
247
Command & Control-Framework created for collaboration in python3
Printspoofer
⭐
246
Abusing Impersonation Privileges on Windows 10 and Server 2019
Droid Hunter
⭐
244
(deprecated) Android application vulnerability analysis and Android pentest tool
Vaf
⭐
241
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Dnsmorph
⭐
235
Domain name permutation engine written in Go
Weakpass
⭐
221
Weakpass rule-based online generator to create a wordlist based on a set of words entered by the user.
Investigator
⭐
218
An online handy-recon tool
Golinkfinder
⭐
217
A fast and minimal JS endpoint extractor
Enumdb
⭐
215
Relational database brute force and post exploitation tool for MySQL and MSSQL
Mitm Scripts
⭐
214
🔄 A collection of mitmproxy inline scripts
Content Bruteforcing Wordlist
⭐
210
Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
Crawley
⭐
208
The unix-way web crawler
Afuzz
⭐
204
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
Subdomain_shell
⭐
197
一键调用subfinder+ksubdomain+httpx 强强联合 从域名发现-->域名验证-->获取域名标题、状态码以及响应大小 最后保存结果,简化重复操作命令
Arl Plus Docker
⭐
196
基于斗象灯塔ARL修改后的版本。相比原版,增加了OneForAll、中央数据库,修改了altDns
Zigdiggity
⭐
194
A ZigBee hacking toolkit by Bishop Fox
Killchain
⭐
192
A unified console to perform the "kill chain" stages of attacks.
Nightingale
⭐
183
It's a Docker Environment for Pentesting which having all the required tool for VAPT.
Foolav
⭐
177
Pentest tool for antivirus evasion and running arbitrary payload on target Wintel host
Lucifer
⭐
177
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Sqlscan
⭐
173
Quick SQL Scanner, Dorker, Webshell injector PHP
Docker Security Images
⭐
173
🔐 Docker Container for Penetration Testing & Security
Powerladon
⭐
171
Ladon hacking Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Icp Domains
⭐
163
输入一个域名,输出ICP备案所有关联域名
Infosechouse
⭐
162
Tools & Resources for Cyber Security Operations
Ics Pentesting Tools
⭐
162
A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing
Fileless Xec
⭐
160
Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)
Amnesiac
⭐
157
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Crithit
⭐
152
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Dnsub
⭐
152
dnsub一款好用的子域名扫描工具
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Vmass
⭐
148
vMass Bot 🪝 Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
Nix Security Box
⭐
147
Tool set for Information security professionals and all others
Gitmails
⭐
146
An information gathering tool to collect git commit emails in version control host services
Auth_analyzer
⭐
146
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Pakuri
⭐
140
PAKURI has been merged with Python and launched as a new project, PAKURI-THON.
Relayer
⭐
135
SMB Relay Attack Script
Airmaster
⭐
131
Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
Tirefire
⭐
131
Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well as penetration testing.
Jwtxploiter
⭐
130
A tool to test security of json web token
Ratel
⭐
130
RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Golazagne
⭐
128
Go library for credentials recovery
Pentesting Dockerfiles
⭐
126
Pentesting/Bugbounty Dockerfiles.
Vailyn
⭐
126
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Trigmap
⭐
123
A wrapper for Nmap to quickly run network scans
Cloud Buster
⭐
121
A Cloudflare resolver that works
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Msploitego
⭐
115
Pentesting suite for Maltego based on data in a Metasploit database
Awesome Attack Surface Monitoring
⭐
111
Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.
Darkspiritz
⭐
111
🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Traxosint
⭐
109
Osint tool for track ip adress
Burp Suite Pro
⭐
109
A bash and powershell script to download the latest version of Burp-Suite Professional and use it for free.
Peekaboo
⭐
108
PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Notionterm
⭐
108
🖥️📖 Embed reverse shell in Notion pages
Arl Npoc
⭐
104
集漏洞验证和任务运行的一个框架
Zenbuster
⭐
102
Multi-threaded URL enumeration/content-discovery tool in Python.
Catnip
⭐
102
Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Punk.py
⭐
94
unix SSH post-exploitation 1337 tool
Bhhb
⭐
94
Burp HTTP history browser (BHHB) - A tool to view HTTP history exported from Burp Suite Community Edition
Mega Bot
⭐
94
[NEW] : Mega Bot ☣ Scanner & Auto Exploiter
Pync
⭐
93
arbitrary TCP and UDP connections and listens (Netcat for Python).
Foolavc
⭐
93
foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
Erodir
⭐
93
A fast web directory/file enumeration tool written in Rust
Win Portfwd
⭐
93
Powershell script to setup windows port forwarding using native netsh client
Git Scanner
⭐
92
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Lazypariah
⭐
90
A tool for generating reverse shell payloads on the fly.
53r3n17y
⭐
89
Python based script for Information Gathering.
Lfitester
⭐
89
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
Rfparty Monitor
⭐
88
its like a tricorder, for your wireless world.
Digital Forensics With Kali Linux
⭐
87
Digital Forensics with Kali Linux, published by Packt
Turbo Attack
⭐
87
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.
Fucking Awesome Hacking
⭐
86
A collection of various awesome lists for hackers, pentesters and security researchers. With repository stars⭐ and forks🍴
Fastdork
⭐
85
⚡Chrome extension allows you to create lists of Google and Github dork to open multiple tabs with one click, import "scope/out of scope" from #HackerOne #Bugcrowd #Intigriti ...
Eyes.sh
⭐
84
Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
In Spectre Meltdown
⭐
84
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/p
Mailripv2
⭐
80
Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.
Pentest Tools
⭐
79
Some random tools I use for penetration testing
Scanpro
⭐
79
ScanPro - NMap Scanning Scripts ~ Network Mapper
Queensono
⭐
76
Golang binary for data exfiltration with ICMP protocol (+ ICMP bindshell, http over ICMP tunneling, ...)
Penkitgui
⭐
75
渗透测试武器库
Related Searches
Penetration Testing Pentest Tool (327)
101-200 of 417 search results
< Previous
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.