Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for pentesting tools
pentesting-tools
x
198 search results found
Scanners Box
⭐
8,001
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Sn1per
⭐
7,480
Attack Surface Management Platform
Whatweb
⭐
5,110
Next generation web scanner
Feroxbuster
⭐
5,006
A fast, simple, recursive content discovery tool written in Rust.
Nettacker
⭐
2,915
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Hoaxshell
⭐
2,678
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
Malicious Pdf
⭐
2,029
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Finalrecon
⭐
1,949
All In One Web Recon
Pwndoc
⭐
1,827
Pentest Report Generator
Pwncat
⭐
1,638
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Platypus
⭐
1,442
🔨 A modern multiple reverse shell sessions manager written in go
Lockdoor Framework
⭐
1,254
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Toxssin
⭐
1,105
An XSS exploitation command-line interface and payload generator.
Learn365
⭐
1,006
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Sysreptor
⭐
979
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Eyeballer
⭐
959
Convolutional neural network for analyzing pentest screenshots
Socialpwned
⭐
879
SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed and obtain Google account information via GHunt.
Cloakquest3r
⭐
818
Uncover the true IP address of websites safeguarded by Cloudflare & Others
Awesome Hacking Lists
⭐
763
平常看到好的渗透hacking工具和多领域效率工具的集合
Aptrs
⭐
750
Automated Penetration Testing Reporting System
Frida Ios Hook
⭐
744
A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
Offensive Docker
⭐
718
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Justtryharder
⭐
709
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
O365spray
⭐
604
Username enumeration and password spraying tool aimed at Microsoft O365.
Apkhunt
⭐
580
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Firecrack
⭐
560
🔥 Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking:
Packet Sniffer
⭐
548
A Network Packet Sniffing tool developed in Python 3.
Sstimap
⭐
546
Automatic SSTI detection tool with interactive interface
Ddexec
⭐
514
A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
Offsec Reporting
⭐
459
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
Iot Pt
⭐
389
A Virtual environment for Pentesting IoT Devices
Offensive Osint Tools
⭐
373
OffSec OSINT Pentest/RedTeam Tools
Sessionprobe
⭐
290
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
Shotdroid
⭐
274
ShotDroid is a pentesting tool for android. There are 3 tools that have their respective functions, Get files from Android directory, internal and external storage, Android Keylogger + Reverse Shell and Take a webcam shot of the face from the front camera of the phone and PC.
Pwndoc Ng
⭐
273
Pentest Report Generator
Rogue
⭐
269
An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Wifi Pentesting Guide
⭐
269
WiFi Penetration Testing Guide
Keyfinder
⭐
265
Keyfinder🔑 is a tool that let you find keys while surfing the web!
Nimbo C2
⭐
255
Nimbo-C2 is yet another (simple and lightweight) C2 framework
Sweetpotato
⭐
243
基于burpsuite的资产分析工具
Wechat Dump Rs
⭐
239
该工具用于导出正在运行中的微信进程的 key 并自动解密所有微信数据库文件以及导出 key 后数据库文件离线解密。
Nekobotv1
⭐
236
NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell
Golinkfinder
⭐
217
A fast and minimal JS endpoint extractor
Learn365
⭐
207
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
Gtfoblookup
⭐
206
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).
Blackhat Go
⭐
206
As hackers, we put a premium on function over elegance as time is always scarce. When you need to quickly create a solution to a problem, style concerns come secondary.
Mksub
⭐
204
Generate tens of thousands of subdomain combinations in a matter of seconds
Handbook
⭐
196
A living document for penetration testing and offensive security.
Wraith
⭐
195
[WIP] A free and open-source, modular Remote Administration Tool (RAT) / Payload Dropper written in Go(lang) with a flexible command and control (C2) system.
Crimson
⭐
194
Web Application Security Testing Tools
Conti Pentester Guide Leak
⭐
191
Leaked pentesting manuals given to Conti ransomware crooks
Offsec Tools
⭐
181
Compiled tools for internal assessments
Rapidpayload
⭐
176
Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion
Reconky Automated_bash_script
⭐
170
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Dsieve
⭐
168
Filter and enrich a list of subdomains by level
Ics Pentesting Tools
⭐
162
A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing
Amnesiac
⭐
157
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Mkpath
⭐
154
Make URL path combinations using a wordlist
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Nix Security Box
⭐
147
Tool set for Information security professionals and all others
Wwwtree
⭐
146
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
Fuzzingtool
⭐
143
Software for fuzzing, used on web application pentestings.
Admin Scanner
⭐
141
This tool is design to find admin panel of any website by using custom wordlist or default wordlist easily and allow you to find admin panel trough a proxy server
Pakuri
⭐
140
PAKURI has been merged with Python and launched as a new project, PAKURI-THON.
Laf
⭐
137
This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.
Edge
⭐
131
Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
Jwtxploiter
⭐
130
A tool to test security of json web token
Smsgate
⭐
125
SMSgate is an open source Python-based server for sending and especially receiving SMS using multiple GSM modems and SIM cards.
Smtptester
⭐
123
small python3 tool to check common vulnerabilities in SMTP servers
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Pentesting Framework
⭐
112
Pentesting Framework is a bundle of penetration testing tools, Includes - security, pentesting, hacking and many more.
Argus
⭐
111
Argus Advanced Remote & Local Keylogger For macOS and Windows
Burp Suite Pro
⭐
109
A bash and powershell script to download the latest version of Burp-Suite Professional and use it for free.
Whoamifuck
⭐
109
用于Linux应急响应,快速排查异常用户登录情况和入侵信息排查,准确定位溯源时间线,高效辅助还原攻击
Misc
⭐
101
Scripts and other stuff.
Some_pentesters_securityresearchers_redteamers
⭐
97
Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...
Petep
⭐
95
PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications with various application protocols. ⚡
Mediator
⭐
91
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Nist To Tech
⭐
88
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Turbo Attack
⭐
87
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port.
Xeca
⭐
86
PowerShell payload generator
Mailripv2
⭐
80
Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.
Scanpro
⭐
79
ScanPro - NMap Scanning Scripts ~ Network Mapper
Rustpad
⭐
78
Multi-threaded Padding Oracle attacks against any service. Written in Rust.
Enum4linuxpy
⭐
77
Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.
Simple Async Port Scanner
⭐
77
A simple asynchronous TCP/IP Connect Port Scanner in Python 3
Smtp User Enum
⭐
74
SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
Sqli Query Tampering
⭐
74
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Rsgen
⭐
73
rsGen is a Reverse Shell Payload Generator for hacking.
Pentest Bookmarkz
⭐
67
A collection of useful links for Pentesters
Hacknetics
⭐
67
Contained is all my reference material for my OSCP / Red Teaming. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.
Wifi Deauth
⭐
63
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
Frida_setup
⭐
63
One-click installer for Frida and Burp certs for SSL Pinning bypass
Enumerepo
⭐
60
List all public repositories for (valid) GitHub usernames
Pwnpad
⭐
60
🐳 VMs are bloat. Dockerise your CTF environment.
Xira
⭐
53
xss vulnerability scanner and input fuzzing tool.
Regstrike
⭐
52
RegStrike is a .reg payload generator
Offensive Docker Vps
⭐
52
Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Kali Wsl
⭐
47
Update, Upgrade, XFCE4 - GUI Mode & Hacking Tools for Kali Linux Windows App
Xsmtp
⭐
46
xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.
1-100 of 198 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.