Awesome Open Source

Programming Languages

Search results for python penetration testing

penetration-testing x

371 search results found

Sqlmap ⭐ 29,628

Automatic SQL injection and database takeover tool

Ciphey ⭐ 16,681

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Dirsearch ⭐ 11,165

Web path scanner

Spiderfoot ⭐ 11,035

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Social Analyzer ⭐ 10,841

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Crackmapexec ⭐ 8,060

A swiss army knife for pentesting networks

Osintgram ⭐ 7,891

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Hacktricks ⭐ 7,688

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Objection ⭐ 6,752

📱 objection - runtime mobile exploration

Rengine ⭐ 6,446

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Monkey ⭐ 6,414

Infection Monkey - An open-source adversary emulation platform

Pentestgpt ⭐ 5,672

A GPT-empowered penetration testing tool

Defaultcreds Cheat Sheet ⭐ 5,023

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Androguard ⭐ 4,756

Reverse engineering and pentesting for Android applications

Faraday ⭐ 4,422

Open Source Vulnerability Management Platform

Commix ⭐ 4,302

Automated All-in-One OS Command Injection Exploitation Tool.

Phonesploit Pro ⭐ 3,899

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Socialfish ⭐ 3,705

Phishing Tool & Information Collector

Pocsuite3 ⭐ 3,412

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Patator ⭐ 3,380

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Villain ⭐ 3,376

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

A recursive internet scanner for hackers.

Awesome Redteam ⭐ 3,079

一个攻防知识仓库

Xunfeng ⭐ 2,946

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Vulmap ⭐ 2,935

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Nettacker ⭐ 2,915

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Arsenal ⭐ 2,762

Arsenal is just a quick inventory and launcher for hacking programs

Awesome Hacking ⭐ 2,716

Awesome hacking is an awesome collection of hacking tools.

Hoaxshell ⭐ 2,678

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Pentest Tools ⭐ 2,652

A collection of custom security tools for quick needs.

Snoop ⭐ 2,530

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Astra ⭐ 2,376

Automated Security Testing For REST API's

Pentest Wiki ⭐ 2,307

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Ssrfmap ⭐ 2,306

Automatic SSRF fuzzer and exploitation tool

OSCP Cheat Sheet

Slowloris ⭐ 2,229

Low bandwidth DoS tool. Slowloris rewrite in Python.

Cloudflair ⭐ 2,143

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

Evilosx ⭐ 2,115

An evil RAT (Remote Administration Tool) for macOS / OS X.

Cloudfail ⭐ 2,080

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Blackbird ⭐ 2,073

An OSINT tool to search for accounts by username in social networks.

Malicious Pdf ⭐ 2,029

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Finalrecon ⭐ 1,949

All In One Web Recon

Xssor2 ⭐ 1,797

XSS'OR - Hack with JavaScript.

Reconspider ⭐ 1,729

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

Vxscan ⭐ 1,711

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释

Fuxploider ⭐ 1,702

File upload vulnerability scanner and exploitation tool.

Pwn_jenkins ⭐ 1,693

Notes about attacking Jenkins servers

Dirhunt ⭐ 1,675

Find web directories without bruteforce

Hacktronian ⭐ 1,664

Tools for Pentesting

Weird_proxies ⭐ 1,638

Reverse proxies cheatsheet

Mitmap ⭐ 1,623

📡 A python program to create a fake AP and sniff data.

Netexec ⭐ 1,596

The Network Execution Tool

Deathstar ⭐ 1,545

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Exegol ⭐ 1,539

Fully featured and community-driven hacking environment

Rapidscan ⭐ 1,489

🆕 The Multi-Tool Web Vulnerability Scanner.

Easy_hack ⭐ 1,466

Hack the World using Termux

Macro_pack ⭐ 1,420

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

ODAT: Oracle Database Attacking Tool

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Sprayingtoolkit ⭐ 1,360

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

V3n0m Scanner ⭐ 1,342

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Dronesploit ⭐ 1,306

Drone pentesting framework console

Needle ⭐ 1,302

The iOS Security Testing Framework

Medusa ⭐ 1,277

Binary instrumentation framework based on FRIDA

Cloud_enum ⭐ 1,253

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Graphqlmap ⭐ 1,226

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

Pentest Notes ⭐ 1,202

Recoverpy ⭐ 1,163

Interactively find and recover deleted or 👉 overwritten 👈 files from your terminal

Writehat ⭐ 1,161

A pentest reporting tool written in Python. Free yourself from Microsoft Word.

Mongoaudit ⭐ 1,154

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Fsociety ⭐ 1,138

A Modular Penetration Testing Framework

Github Search ⭐ 1,121

A collection of tools to perform searches on GitHub.

Ghostwriter ⭐ 1,116

The SpecterOps project management and reporting engine

Vhostscan ⭐ 1,114

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Toxssin ⭐ 1,105

An XSS exploitation command-line interface and payload generator.

Redsnarf ⭐ 1,075

RedSnarf is a pen-testing / red-teaming tool for Windows environments

Linkedin2username ⭐ 1,064

OSINT Tool: Generate username lists for companies on LinkedIn

Scanless ⭐ 1,061

online port scan scraper

Changeme ⭐ 1,058

A default credential scanner.

Hackerpro ⭐ 1,033

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

Babysploit ⭐ 996

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Sysreptor ⭐ 979

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

Linuxprivchecker ⭐ 934

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Evillimiter ⭐ 928

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Passhunt ⭐ 898

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Enum4linux Ng ⭐ 896

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Evilurl ⭐ 871

Generate unicode domains for IDN Homograph Attack and detect them.

Dumpall ⭐ 865

一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

Hacking Toolkit

Cansina ⭐ 852

Web Content Discovery Tool

Passphrase Wordlist ⭐ 849

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Hosthunter ⭐ 826

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Pywerview ⭐ 803

A (partial) Python rewriting of PowerSploit's PowerView

Scripts ⭐ 788

Scripts I use during pentest engagements.

Tactical Exploitation ⭐ 768

Modern tactical exploitation toolkit.

Related Searches

Python Network (11,495)

Python Html (10,924)

Python Testing (9,479)

Python Plugin (9,323)

Python Natural Language Processing (9,064)

Python Artificial Intelligence (8,580)

Python Amazon Web Services (8,117)

Python C Plus Plus (6,054)

Python Search (5,971)

Python Command Line (5,367)

1-100 of 371 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.