Awesome Open Source

Programming Languages

Search results for python pentesting tools

pentesting-tools x

77 search results found

Nettacker ⭐ 2,915

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Hoaxshell ⭐ 2,678

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Malicious Pdf ⭐ 2,029

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Finalrecon ⭐ 1,949

All In One Web Recon

Toxssin ⭐ 1,105

An XSS exploitation command-line interface and payload generator.

Sysreptor ⭐ 979

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

Eyeballer ⭐ 959

Convolutional neural network for analyzing pentest screenshots

Socialpwned ⭐ 879

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed and obtain Google account information via GHunt.

Cloakquest3r ⭐ 818

Uncover the true IP address of websites safeguarded by Cloudflare & Others

Automated Penetration Testing Reporting System

Justtryharder ⭐ 709

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

O365spray ⭐ 604

Username enumeration and password spraying tool aimed at Microsoft O365.

Packet Sniffer ⭐ 548

A Network Packet Sniffing tool developed in Python 3.

Sstimap ⭐ 546

Automatic SSTI detection tool with interactive interface

Wifi Pentesting Guide ⭐ 269

WiFi Penetration Testing Guide

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

Nekobotv1 ⭐ 236

NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell

Gtfoblookup ⭐ 206

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).

Crimson ⭐ 194

Web Application Security Testing Tools

Rapidpayload ⭐ 176

Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion

Wwwtree ⭐ 146

A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.

Fuzzingtool ⭐ 143

Software for fuzzing, used on web application pentestings.

Admin Scanner ⭐ 141

This tool is design to find admin panel of any website by using custom wordlist or default wordlist easily and allow you to find admin panel trough a proxy server

This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.

Jwtxploiter ⭐ 130

A tool to test security of json web token

Smsgate ⭐ 125

SMSgate is an open source Python-based server for sending and especially receiving SMS using multiple GSM modems and SIM cards.

Smtptester ⭐ 123

small python3 tool to check common vulnerabilities in SMTP servers

Webstor ⭐ 119

A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.

Argus Advanced Remote & Local Keylogger For macOS and Windows

Scripts and other stuff.

Mediator ⭐ 91

An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.

Mailripv2 ⭐ 80

Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.

Enum4linuxpy ⭐ 77

Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.

Simple Async Port Scanner ⭐ 77

A simple asynchronous TCP/IP Connect Port Scanner in Python 3

Sqli Query Tampering ⭐ 74

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

Smtp User Enum ⭐ 74

SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.

Hacknetics ⭐ 67

Contained is all my reference material for my OSCP / Red Teaming. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.

Wifi Deauth ⭐ 63

A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)

xss vulnerability scanner and input fuzzing tool.

Regstrike ⭐ 52

RegStrike is a .reg payload generator

xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

ScanMan is the amalgamation of Masscan, Metasploit Framework (MSF) and Nmap Scripting Engine (NSE).

Omnispray ⭐ 40

Modular Enumeration and Password Spraying Framework

Constole ⭐ 35

Scan for and exploit Consul agents

Omnisci3nt ⭐ 34

Unveiling the Hidden Layers of the Web – A Comprehensive Web Reconnaissance Tool

Hande Stealer ⭐ 34

Powerful Discord Stealer written in python

RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

A tool that allows you to search for vulnerable android devices across the world and exploit them.

Rayomd is a gathering information Framework for pentesters and bug bounty hunters

Responder Parser ⭐ 23

Most Responder's configuration power in your hand

Probe: This is a special tool for bug hunter for automated recon process smoothly.

Python For Ethical Hacking ⭐ 17

Build tools for hacking ethically using python.

Blestsploit ⭐ 16

BlestSploit Framework, exploitation framework for Ethical Hackers and CyberSecurity Experts & Pentesters

Mailripv3 ⭐ 16

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Androset ⭐ 15

Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite.

Badmoodle ⭐ 15

Moodle community-based vulnerability scanner

Simple_https_server ⭐ 14

It's a quick HTTPS server.

Socketpie_dostool ⭐ 14

DOS TOOL WITH PYTHON LAYER7 :) (HTTP FLOOD)

Dirbruter ⭐ 13

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

Paraforge ⭐ 13

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing

Useragent Fuzz Lib ⭐ 12

User-agent Fuzzing Library. This repository holds data of all the user agents in the `user_agents.json` file, which can be used directly with any tool that can parse json format.

Keylogger ⭐ 11

A Keylogger made in Python that sends you the collected data via email.

Pentesting ⭐ 11

Codeargos ⭐ 10

A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.

Mobsecco ⭐ 10

Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins

The easy way to create a working directory with standard report template files for common security scenarios: penetration testing, CTF, training, and certification exams. Automatically convert markdown into a polished final report.

Multitool ⭐ 10

Simple Penetration Testing Multitool For Beginners.

Autoreverse ⭐ 9

This tool configure malicious payloads such as .exe, .dll, php and ps1 files.

Extract endpoints from specific Git repository for fuzzing

Python tool for Wifi hacking

Advanced Penetration Testing Script ⭐ 7

The script is an advanced Python-based tool that can be used to test a website for various vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF) and insecure file upload.

Mailripv1 ⭐ 7

A SMTP Checker / SMTP Cracker with SOCKS support and e-mail delivery test (inbox check) for mailpass combolists.

Reverseshell Rce ⭐ 7

Remote code execution. Establish remote shell session.

X_INSTA Powerful INSTAGRAM Password Brute Force Tool For Windows

Subdo is a Pentesting/OSINT software that automates the enumeration, verification and analysis of subdomains, using public registries such as Shodan or crt.sh.

Speeding up identifying which binaries with a SUID flag may lead to root access

a very simple script inspired in gobuster and dirbuster writed in python

Wardriving ⭐ 6

Python Wardriving

A Pentest Collaboration and Reporting Tool

An EvilTwin wrapper with quality of life enhancements.

Notestocommands ⭐ 5

NotesToCommands is a powerful command template experience, allowing users to instantly execute terminal commands, with varying arguments, grouped into sections in a note or file. It was originally created for pentesting uses, to avoid the needed remembrance and retyping of sets of commands for various attacks.

Fishshell ⭐ 5

FIshShell is a multi-session handler and Windows & Linux backdoor payload generator. It allows users\targets to connect to the server (other machines running the multi-handler) after which the server admin/attacker can join sessions and also get a non-interactive reverse shell.

Cracking the Lenses of Perimeter Penetrationtests

A Python3 script that quickly downloads and or installs Pentesting tools from a config file.

Related Searches

Python Django (28,897)

Python Machine Learning (14,099)

Python Tensorflow (13,736)

Python Command Line (12,840)

Python Network (11,495)

Python Html (10,924)

Python Testing (9,479)

Python Plugin (9,263)

Python Twitter (5,126)

Python Shell (5,055)

1-77 of 77 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.