Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for python pentest tool
pentest-tool
x
python
x
160 search results found
Dirsearch
⭐
11,165
Web path scanner
Oneforall
⭐
7,315
OneForAll是一款功能强大的子域收集工具
Monkey
⭐
6,414
Infection Monkey - An open-source adversary emulation platform
Arl
⭐
4,502
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Phonesploit Pro
⭐
3,899
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
Kb
⭐
3,024
A minimalist command line knowledge base manager
Vulmap
⭐
2,935
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Cloudflair
⭐
2,143
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Finalrecon
⭐
1,949
All In One Web Recon
Xssor2
⭐
1,797
XSS'OR - Hack with JavaScript.
Netexec
⭐
1,596
The Network Execution Tool
Odat
⭐
1,405
ODAT: Oracle Database Attacking Tool
Dronesploit
⭐
1,306
Drone pentesting framework console
Crosslinked
⭐
1,060
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Satansword
⭐
1,048
红队综合渗透框架
Babysploit
⭐
996
👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Linuxprivchecker
⭐
934
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Evillimiter
⭐
928
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Passhunt
⭐
898
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Enum4linux Ng
⭐
896
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Habu
⭐
853
Hacking Toolkit
Hosthunter
⭐
826
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Pompem
⭐
794
Find exploit tool
Msdat
⭐
754
MSDAT: Microsoft SQL Database Attacking Tool
Subscraper
⭐
734
Subdomain and target enumeration tool built for offensive security testing
Justtryharder
⭐
709
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Dumpsterfire
⭐
709
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Blackmamba
⭐
688
C2/post-exploitation framework
Censys Subdomain Finder
⭐
589
⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Sstimap
⭐
546
Automatic SSTI detection tool with interactive interface
Nullinux
⭐
525
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Webkiller
⭐
500
Tool Information Gathering Write By Python.
Okadminfinder3
⭐
473
[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
Overlord
⭐
463
Overlord - Red Teaming Infrastructure Automation
Badkarma
⭐
400
network reconnaissance toolkit
Pymeta
⭐
398
Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Suid3num
⭐
393
A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Dotdotslash
⭐
366
Search for Directory Traversal Vulnerabilities
Sippts
⭐
347
Set of tools to audit SIP based VoIP Systems
Cloudbunny
⭐
342
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Susanoo
⭐
321
A REST API security testing framework.
Sbscan
⭐
316
SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行springboot未授权 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]
Darkside
⭐
315
Tool Information Gathering & social engineering Write By [Python,JS,PHP]
Watchdog
⭐
309
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Getaltname
⭐
306
Extract subdomains from SSL certificates in HTTPS sites.
Txtool
⭐
305
an easy pentesting tool.
Userefuzz
⭐
302
User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
Eyejo
⭐
294
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快
Rogue
⭐
269
An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Jwtcat
⭐
258
A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Phoenixc2
⭐
247
Command & Control-Framework created for collaboration in python3
Enumdb
⭐
215
Relational database brute force and post exploitation tool for MySQL and MSSQL
Afuzz
⭐
204
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
Arl Plus Docker
⭐
196
基于斗象灯塔ARL修改后的版本。相比原版,增加了OneForAll、中央数据库,修改了altDns
Zigdiggity
⭐
194
A ZigBee hacking toolkit by Bishop Fox
Killchain
⭐
192
A unified console to perform the "kill chain" stages of attacks.
Lucifer
⭐
177
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Icp Domains
⭐
163
输入一个域名,输出ICP备案所有关联域名
Tirefire
⭐
131
Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well as penetration testing.
Jwtxploiter
⭐
130
A tool to test security of json web token
Ratel
⭐
130
RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Vailyn
⭐
126
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Cloud Buster
⭐
121
A Cloudflare resolver that works
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Msploitego
⭐
115
Pentesting suite for Maltego based on data in a Metasploit database
Darkspiritz
⭐
111
🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍
Traxosint
⭐
109
Osint tool for track ip adress
Arl Npoc
⭐
104
集漏洞验证和任务运行的一个框架
Zenbuster
⭐
102
Multi-threaded URL enumeration/content-discovery tool in Python.
Punk.py
⭐
94
unix SSH post-exploitation 1337 tool
Mega Bot
⭐
94
[NEW] : Mega Bot ☣ Scanner & Auto Exploiter
Pync
⭐
93
arbitrary TCP and UDP connections and listens (Netcat for Python).
53r3n17y
⭐
89
Python based script for Information Gathering.
Lfitester
⭐
89
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
In Spectre Meltdown
⭐
84
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/p
Mailripv2
⭐
80
Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.
Penkitgui
⭐
75
渗透测试武器库
Smtp User Enum
⭐
74
SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
Recon
⭐
73
Enumerate a target Based off of Nmap Results
Uscan
⭐
69
uscan is an automated vulnerability scanner that streamlines the process of website hacking, making it faster and more efficient than ever before.
Xshock
⭐
63
XSHOCK Shellshock Exploit
Vaile
⭐
57
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
Wicrackfi
⭐
56
Python Script to help/automate the WiFi hacking exercises.
Autoredtools
⭐
54
AutoRedTools是一款轻量级一站式自动下载/自动更新常用开源软件的工具,主要帮助安全从业者/ 装的时间,从而提升生产效率或工作效率。
Kalel
⭐
48
Kal El Network Stress Test and Penetration Testing Toolkit
Credcheck
⭐
47
Credentials Checking Framework
Xsmtp
⭐
46
xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.
Unauthorized
⭐
44
常见的未授权漏洞检测
Aapfinder
⭐
44
AAP Finder (Advanced Admin Page Finder) is a tool written in Python3 with advanced functionalities
Ipwarden
⭐
42
IPWarden(守望者)是一个IP资产风险巡查工具。持续发现系统、Web两个维度的资产和安全风险。
Brokensmtp
⭐
41
Small python script to look for common vulnerabilities on SMTP server.
Rddos_tool
⭐
40
🔫 Red DDoS Tool is -THE BEST- tool for DDoS attacks.
Tomcter
⭐
39
😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with default credentials.
Burpsuite Xkeys
⭐
38
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Cswsh
⭐
34
A command-line tool for Cross-Site WebSocket Hijacking
Dedmap
⭐
34
A Network Automation framework focused on Cyber-Security
Rpcscan
⭐
32
Tool to communicate with RPC services and check misconfigurations on NFS shares
Wp Mini Exploiter
⭐
30
Mini Wordress Exploiter using CVE2020
Cloudfish
⭐
29
Subdomain enumeration using Cloudflare's scanning tool.
Hydrarecon
⭐
28
All In One, Fast, Easy Recon Tool
Related Searches
Python Django (28,897)
Python Script (17,004)
Python Docker (14,113)
Python Command Line (13,351)
Python Network (11,495)
Python Testing (9,479)
Python Plugin (9,323)
Python Search (5,943)
Python Telegram (5,107)
Javascript Python (4,528)
1-100 of 160 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.