Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security pentest tool
pentest-tool
x
security
x
77 search results found
Dirsearch
⭐
11,165
Web path scanner
Sn1per
⭐
7,480
Attack Surface Management Platform
Reconftw
⭐
5,204
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Osmedeus
⭐
5,076
A Workflow Engine for Offensive Security
1earn
⭐
4,841
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Vulmap
⭐
2,935
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Stowaway
⭐
2,195
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Venom
⭐
1,911
Venom - A Multi-hop Proxy for Penetration Testers
Dismap
⭐
1,840
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Netexec
⭐
1,596
The Network Execution Tool
Cloakify
⭐
1,483
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Top25 Parameter
⭐
1,311
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Fuxi
⭐
1,310
Penetration Testing Platform
Perun
⭐
1,037
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫
Inventory
⭐
1,019
Asset inventory of over 800 public bug bounty programs.
Linuxprivchecker
⭐
934
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Evillimiter
⭐
928
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Passhunt
⭐
898
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Enum4linux Ng
⭐
896
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Dumpsterfire
⭐
709
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Packetwhisper
⭐
607
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Haiti
⭐
532
🔑 Hash type identifier (CLI & lib)
Pentest Everything
⭐
379
A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.
Sippts
⭐
347
Set of tools to audit SIP based VoIP Systems
Koko Moni
⭐
338
一个网络空间搜索引擎监控平台,可定时进行资产信息爬取,及时发现新增资产,本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源,并对获取到的数据进行去重与清洗
Susanoo
⭐
321
A REST API security testing framework.
Sbscan
⭐
316
SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行springboot未授权 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]
Darkside
⭐
315
Tool Information Gathering & social engineering Write By [Python,JS,PHP]
Watchdog
⭐
309
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Droid Hunter
⭐
244
(deprecated) Android application vulnerability analysis and Android pentest tool
Lucifer
⭐
177
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Docker Security Images
⭐
173
🔐 Docker Container for Penetration Testing & Security
Powerladon
⭐
171
Ladon hacking Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Fileless Xec
⭐
160
Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)
Crithit
⭐
152
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Airmaster
⭐
131
Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
Jwtxploiter
⭐
130
A tool to test security of json web token
Golazagne
⭐
128
Go library for credentials recovery
Vailyn
⭐
126
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Peekaboo
⭐
108
PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Fucking Awesome Hacking
⭐
86
A collection of various awesome lists for hackers, pentesters and security researchers. With repository stars⭐ and forks🍴
Pentol
⭐
61
PENTOL - Pentester Toolkit for Fiddler2
Linuxprivchecker
⭐
58
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Venera
⭐
55
A modular exploitation framework extensible with Lua
Autoredtools
⭐
54
AutoRedTools是一款轻量级一站式自动下载/自动更新常用开源软件的工具,主要帮助安全从业者/ 装的时间,从而提升生产效率或工作效率。
Phaser
⭐
53
Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)
Ronin Vulns
⭐
49
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
Simwigo
⭐
49
Simwigo is a cross-platform tool, written in Go, to simplify the deployment of a web service.
Xsmtp
⭐
46
xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.
Unauthorized
⭐
44
常见的未授权漏洞检测
Brokensmtp
⭐
41
Small python script to look for common vulnerabilities on SMTP server.
Volana
⭐
39
🌒 Shell command obfuscation to avoid detection systems
Itwsv
⭐
28
ITWSV- Integrated Tool for Web Security Vulnerability
Ftpknocker
⭐
25
🔑 ftpknocker is a multi-threaded scanner for finding anonymous FTP servers
Dnsmap
⭐
24
Scan for subdomains using bruteforcing techniques
Tacos
⭐
23
🌮 INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)
Yelaa
⭐
21
Obtain a clean-cut architecture at the launch of a mission and run some tests ( subdomain search, fuzzing, make screenshots on a given perimeter )
Arsenal
⭐
20
Tools for bug hunting in a container
Androsectest
⭐
20
From this app, Connect a Phone, Extract any app from It, Decompile, Deobfuscate, Remove Certificate Pinning and Repackage it. Meanwhile, Perform some Static and Dynamic Analysis on It.
App
⭐
20
🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks
Unauthorized_com
⭐
19
未授权检测的命令行版,支持批量检测
Smart Url Fuzzer
⭐
18
Explore URLs of domains fast and efficiently using fuzzing techniques
Python For Ethical Hacking
⭐
17
Build tools for hacking ethically using python.
Ethical Hacking Tools
⭐
17
List of various ethical hacking tools
Pga4decrypt
⭐
17
A tool for recovering server credentials from a pgadmin4 database
Zaproxy Automation
⭐
17
This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sites
Hackenv
⭐
15
Manage and access your Kali Linux or Parrot Security VM from the terminal (SSH support + file sharing, especially convenient during CTFs, Hack The Box, etc.) 🚀🔧
Httpcustomhouse
⭐
15
HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
Automatedhunter
⭐
14
Google Chrome Extension automates testing fundamental Web Problems via Chrome
Aws Loot
⭐
11
Pull secrets from an AWS environment
Ddos2
⭐
10
Denial of service testing toolkit written in C
Sif
⭐
10
🚀 blazing-fast pentesting suite written in Go
Typo3accesschecker
⭐
9
Check if Typo3 security guidelines are followed.
Hive Burp Extension
⭐
8
About Hive Burp Suite Extension
Search_vulns
⭐
8
Search for known vulnerabilities in software using software titles or a CPE 2.3 string
Php 8.1.0 Dev Backdoor Rce
⭐
7
PHP 8.1.0-dev Backdoor System Shell Script
Tendaspill
⭐
6
An exploitation tool to extract passwords using CVE-2015-5995.
Packet Flooder
⭐
6
A packet flooding/generating program I made that supports TCP, UDP, and ICMP packets. Includes functionality to change characteristics per packet and is also multithreaded.
Magentoscanner
⭐
6
Magento Security Scanner
Dirforce
⭐
5
dirforce is a tool for directory discovery
Unisecbarber
⭐
5
This tool receives a security tool command with its parameters as input, runs the tool in a new process and parses the result returning a normalized json as response.
Jok3r
⭐
5
Jok3r - Network and Web Pentest Framework
Related Searches
Security Vulnerabilities (12,295)
Laravel Security (11,580)
Php Security (10,611)
Python Security (3,510)
Html Security (2,284)
Golang Security (1,316)
Shell Security (1,213)
Security Penetration Testing (920)
C Security (886)
Amazon Web Services Security (874)
1-77 of 77 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.