Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for vulnerabilities penetration testing
penetration-testing
x
vulnerabilities
x
31 search results found
Payloadsallthethings
⭐
55,999
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
H4cker
⭐
15,693
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
Cve
⭐
5,806
Gather and update all available and newest CVEs with their PoC.
Awesome Web Hacking
⭐
5,260
A list of web application security
Reconftw
⭐
5,204
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Allaboutbugbounty
⭐
4,793
All about bug bounty (bypasses, payloads, and etc)
Faraday
⭐
4,422
Open Source Vulnerability Management Platform
Pocsuite3
⭐
3,412
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Awesome Redteam
⭐
3,079
一个攻防知识仓库
Vulscan
⭐
2,983
Advanced vulnerability scanning with Nmap NSE
Vulmap
⭐
2,935
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Awesome Hacking
⭐
2,716
Awesome hacking is an awesome collection of hacking tools.
Awesome Termux Hacking
⭐
2,550
⚡️An awesome list of the best Termux hacking tools
Awesome Nodejs Security
⭐
2,515
Awesome Node.js Security resources
Ssrfmap
⭐
2,306
Automatic SSRF fuzzer and exploitation tool
Pentest Guide
⭐
2,281
Penetration tests guide based on OWASP including test cases, resources and examples.
Archerysec
⭐
2,162
Automate Your Application Security Orchestration And Correlation (ASOC) Using ArcherySec.
Trackray
⭐
1,922
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWV
Pwndoc
⭐
1,827
Pentest Report Generator
Vulnx
⭐
1,763
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Fuxploider
⭐
1,702
File upload vulnerability scanner and exploitation tool.
Reverse Shell
⭐
1,600
Reverse Shell as a Service
Metlo
⭐
1,537
Metlo is an open-source API security platform.
Rapidscan
⭐
1,489
🆕 The Multi-Tool Web Vulnerability Scanner.
Damn Vulnerable Graphql Application
⭐
1,387
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
V3n0m Scanner
⭐
1,342
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Fuxi
⭐
1,310
Penetration Testing Platform
A Red Teamer Diaries
⭐
1,294
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Mutillidae
⭐
1,113
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
Learn365
⭐
1,006
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Security
⭐
830
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
Pentesttools
⭐
816
Awesome Pentest Tools Collection
Xsser
⭐
814
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Awesome Vulnerable
⭐
789
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Garud
⭐
694
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Scant3r
⭐
657
ScanT3r - Module based Bug Bounty Automation Tool
Injuredandroid
⭐
628
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Jackhammer
⭐
599
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Jok3r
⭐
564
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Solr Injection
⭐
560
Apache Solr Injection Research
Aort
⭐
556
All in One Recon Tool for Bug Bounty
Envizon
⭐
519
network visualization & pentest reporting
Vehicle Security Toolkit
⭐
502
汽车/安卓/固件/代码安全测试工具集
Findom Xss
⭐
487
A fast DOM based XSS vulnerability scanner with simplicity.
Bug Bounty Methodology
⭐
438
These are my checklists which I use during my hunting.
Burp Suite Certified Practitioner Exam Study
⭐
419
Burp Suite Certified Practitioner Exam Study
Reconmap
⭐
368
Vulnerability assessment and penetration testing automation and reporting platform for teams.
Vulnrepo
⭐
364
VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!
Reconscan
⭐
324
Network reconnaissance and vulnerability assessment tools.
Quillaudit_reports
⭐
312
QuillAudits Smart Contracts, deFi, NFT, tokens,Dao , Dex and DApps Audit Reports
Pwndoc Ng
⭐
273
Pentest Report Generator
Hacking
⭐
269
Ha3Mrx Pentesting and Security Hacking
Sub404
⭐
257
A python tool to check subdomain takeover vulnerability
Awesome Cyber Security
⭐
255
[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
Droid Hunter
⭐
244
(deprecated) Android application vulnerability analysis and Android pentest tool
Cvemon
⭐
228
Monitoring exploits & references for CVEs
Cervantes
⭐
215
Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.
Learn365
⭐
207
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
Linux Soft Exploit Suggester
⭐
204
Search Exploitable Software on Linux
Hadoop Attack Library
⭐
200
A collection of pentest tools and resources targeting Hadoop environments
Handbook
⭐
196
A living document for penetration testing and offensive security.
Phpvuln
⭐
185
🕸️ Audit tool to find common vulnerabilities in PHP source code
Nightingale
⭐
183
It's a Docker Environment for Pentesting which having all the required tool for VAPT.
Inthewilddb
⭐
183
Hourly updated database of exploit and exploitation reports
Ary
⭐
178
Ary 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Bulwark
⭐
163
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Recon
⭐
161
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities. Created based on @ofjaaah and @Jhaddix methodologies
Web Fuzz Wordlists
⭐
159
Common Web Managers Fuzz Wordlists
Vmass
⭐
148
vMass Bot 🪝 Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
Scanner And Patcher
⭐
145
A Web Vulnerability Scanner and Patcher
Hackerscave4staticandroidsec
⭐
142
A comprehensive resource for Android static analysis and vulnerability assessment. Tutorials, tools, and resources for identifying and mitigating security vulnerabilities in Android applications.
Pakuri
⭐
140
PAKURI has been merged with Python and launched as a new project, PAKURI-THON.
Mida Multitool
⭐
140
Bash script purposed for system enumeration, vulnerability identification and privilege escalation.
Pentest Tools Framework
⭐
140
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Kitsec Core
⭐
136
Ethical hacking, made easy.
Web_hacking
⭐
135
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Writeups
⭐
133
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Offensive Dockerfiles
⭐
132
Offensive tools as Dockerfiles. Lightweight & Ready to go
Sec Pentesting Toolkit
⭐
130
👾 𝘁𝗼𝗼𝗹𝘀 𝗳𝗼𝗿 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵𝗲𝗿𝘀: 𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴, 𝗖𝗧𝗙𝘀 & 𝘄𝗮𝗿𝗴𝗮𝗺𝗲𝘀
Vulnplanet
⭐
123
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
Smtptester
⭐
123
small python3 tool to check common vulnerabilities in SMTP servers
Vulnerable Flask App
⭐
121
Erlik 2 - Vulnerable-Flask-App
Cve 2021 21315 Poc
⭐
121
CVE 2021-21315 PoC
Find Gh Poc
⭐
117
Find CVE PoCs on GitHub
Cve 2022 23808
⭐
110
phpMyAdmin XSS
Ansvif
⭐
107
A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Nist To Tech
⭐
88
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
App Sec Wiki
⭐
88
Files for appsecwiki.com
Firebase
⭐
85
Exploiting misconfigured firebase databases
In Spectre Meltdown
⭐
84
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/p
Awesome Web Hacking
⭐
82
A list of web application security
Scanpro
⭐
79
ScanPro - NMap Scanning Scripts ~ Network Mapper
Vucsa
⭐
78
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
Pastebinmarkdownxss
⭐
78
XSS in pastebin.com and reddit.com via unsanitized markdown output
Secator
⭐
77
Secator - the pentester's swiss knife
Fazscan
⭐
74
| FazScan is a Perl program to do some vulnerability scanning and pentesting |
Log4j
⭐
74
Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.
White Box Pentesting
⭐
74
This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities
Rsgen
⭐
73
rsGen is a Reverse Shell Payload Generator for hacking.
Cvescannerv2
⭐
66
Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
Related Searches
Security Vulnerabilities (12,350)
Laravel Vulnerabilities (11,319)
Php Vulnerabilities (8,887)
Javascript Vulnerabilities (1,306)
Python Penetration Testing (1,286)
Python Vulnerabilities (1,159)
Security Penetration Testing (767)
Vulnerabilities Scanner (695)
Vulnerabilities Exploitation (636)
Shell Penetration Testing (528)
1-31 of 31 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.