penetration-testing

There are 616 repositories under penetration-testing topic.

• Hack-with-Github / Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  androidawesomebug-bountyfuzzinghackingpenetration-testingpentesting-windowsreverse-engineeringsecurity
  77939
• PayloadsAllTheThings

  swisskyrepo / PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  bountybugbountybypasscheatsheetenumerationhackinghacktoberfestmethodologypayloadpayloadspenetration-testingpentestprivilege-escalationredteamsecurityvulnerabilityweb-application
  Language:Python 57125
• h4cker

  The-Art-of-Hacking / h4cker

  This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

  aiai-securityartificial-intelligenceawesome-listawesome-listscybersecurityethical-hackingexploitexploit-developmentexploitshackerhackershackinghacking-seriespenetration-testingtrainingvulnerabilityvulnerability-assessmentvulnerability-identificationvulnerability-management
  Language:Jupyter Notebook 16718

• vitalysim / Awesome-Hacking-Resources

  A collection of hacking / penetration testing resources to make you better!

  ctfhackingprivilege-escalationreverse-engineeringbuffer-overflowpenetration-testingowaspexploitmalwarewindows-privilege-escalationprivilege-escalation-linuxmitm
  14745

• sundowndev / hacker-roadmap

  A collection of hacking tools, resources and references to practice ethical hacking.

  hackinghacking-toolpenetration-testingroadmapframeworkshacktoolspentestweb-hackingexploitationpost-exploitationinformation-gatheringpentestingsecurity
  12669

• maurosoria / dirsearch

  Web path scanner

  appsecbrutebug-bountybugbountydirsearchenumerationfuzzerfuzzinghackinghacking-toolinfosecpenetration-testingpentest-toolpentestingpythonred-teamingredteamscannersecuritywordlist
  Language:Python 11319

• qazbnm456 / awesome-web-security

  🐶 A curated list of Web Security materials and resources.

  awesomeawesome-listlistpenetration-testingsecuritywebwebsecurity
  10876

• vanhauser-thc / thc-hydra

  hydra

  penetration-testingpassword-crackernetwork-securityhydrathcpentestingpentestpentest-toolbrute-forcebrute-force-passwordsbruteforce-attacksbrute-force-attacksbruteforcingbruteforcerbruteforcepassword-cracking
  Language:C 9083

• Datalux / Osintgram

  Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

  analysishackinginformation-gatheringinstagraminstagram-accountinstagram-apinicknameosintosint-pythonpenetration-testingpythonpython3tool
  Language:Python 8857

• samratashok / nishang

  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

  activedirectoryhackinginfosecnishangpenetration-testingpowershellred-teamredteamsecurity
  Language:PowerShell 8375
• Scanners-Box

  We5ter / Scanners-Box

  A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

  apk-analysisbinary-analysiscode-analyzerdevsecopsexploitation-frameworkhacker-toolsinformation-securitymalware-analysispenetration-testingpentesting-toolsprivacy-complianceredteam-toolssecurity-auditsecurity-automationsmart-contractsstatic-analysisvulnerability-scannerswifi-hackingwifi-security
  8008
• Sn1per

  1N3 / Sn1per

  Attack Surface Management Platform

  attack-surfaceattack-surface-managementattacksurfacebugbounty-platformcybersecurityhackinghacking-toolsosint-frameworkosint-toolpenetration-testingpentest-scriptspentest-toolpentest-toolspentestingpentesting-toolssecuritysecurity-toolssn1persn1per-professional
  Language:Shell 7566
• rengine

  yogeshojha / rengine

  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

  security-toolsosintreconrecon-enginereconnaissancescannerscanner-webrengineinformation-gatheringbugbountyhackingscanningpentestingbug-bountyinfosecpenetration-testing
  Language:Python 7006
• wstg

  OWASP / wstg

  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  application-securityappsecbest-practicesbugbountyguidehackinghacktoberfestowasppenetration-testingpentestingsecurity
  Language:Dockerfile 6752

• mandiant / commando-vm

  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

  penetration-testingred-teamingwindowsfireeye-flare
  Language:PowerShell 6712
• monkey

  guardicore / monkey

  Infection Monkey - An open-source adversary emulation platform

  adversary-emulationinfection-monkeypenetration-testingsecurity-automationsecurity-tools
  Language:Python 6494

• GreyDGL / PentestGPT

  A GPT-empowered penetration testing tool

  large-language-modelsllmpenetration-testingpython
  Language:Python 6422

• Mr-xn / Penetration_Testing_POC

  渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

  authentication-bypassbypasscobalt-strikecsrfcsrf-webshellcvecve-cmsexploitgetshelloa-getshellpenetration-testingpenetration-testing-pocphp-bypasspocpoc-exprcesql-getshellsql-pocthinkphp
  Language:HTML 6179

• trickest / cve

  Gather and update all available and newest CVEs with their PoC.

  poccvecve-poclatest-cvevulnerabilityvulnerabilitiessoftware-vulnerabilitiessoftware-securityexploitsecurityinfosechackingpentestingpenetration-testingred-teamsecurity-toolssoftware-vulnerability
  Language:HTML 6119

• infoslack / awesome-web-hacking

  A list of web application security

  penetration-testingweb-hackingvulnerabilitiesscannerhackinghacking-toolsmetasploitweb-securityappsecowasppentestingsecurityvulnerability
  5453

• daffainfo / AllAboutBugBounty

  All about bug bounty (bypasses, payloads, and etc)

  bugbugbountybugbountytipsbypasshackinginfosecpayloadpayloadspenetration-testingpentestreconnaissancesecurityvulnerability
  5436

• rmusser01 / Infosec_Reference

  An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

  infosecinfosec-referencereverse-engineeringhackingpentestingpenetration-testingreferenceslinuxprivilege-escalationinformation-securityblueteamred-teamwindowsosxforensicshacking-simulatorprivilege-escalation-exploitshacktoberfesthacktoberfest2021
  Language:CSS 5368
• reconftw

  six2dez / reconftw

  reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

  bugbountyhackingreconpentestsubdomainnucleivulnerabilitiesscannerfuzzingosintpenetration-testingpentestingreconnaissancednspentest-toolsecuritysecurity-toolsbug-bounty
  Language:Shell 5266
• RedTeam-Tools

  A-poc / RedTeam-Tools

  Tools and Techniques for Red Team / Penetration Testing

  cheatsheetcybersecurityhackingpenetration-testingred-teamsecurity-toolslinuxresourcestoolswindowsenumerationpayloadpentestpentest-toolsred-team-toolsmitre-attackredteam
  5241

• urbanadventurer / WhatWeb

  Next generation web scanner

  securitywebscannerrubypenetration-testingkali-linuxowasppenetration-testing-toolspenetration-testhackinghacking-toolsnetwork-securityreconappsecapplication-securitypentestingpentesting-toolspentestweb-hackingsecurity-tools
  Language:Ruby 5123
• osmedeus

  j3ssie / osmedeus

  A Workflow Engine for Offensive Security

  scanningreconnaissancepenetration-testingsecurity-toolspentest-toolhacking-toolinformation-gatheringhackingosintbugbountypentestinggolangsecuritygobug-bountyattack-surfaceattack-surface-management
  Language:Go 5102
• awesome-shodan-queries

  jakejarvis / awesome-shodan-queries

  🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

  shodaninfosecpentestingiotinternet-of-thingssecurityawesomeawesome-listhackingpenetration-testingshodan-dorksdorksnetwork-infrastructuresecurity-toolssecurity-scannercloud
  5085

• yeahhub / Hacking-Security-Ebooks

  Top 100 Hacking & Security E-Books (Free Download)

  hackingbookssecuritypenetration-testingebookskali-linuxhacking-security-ebooks
  5080

• S1ckB0y1337 / Active-Directory-Exploitation-Cheat-Sheet

  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

  activedirectoryactive-directorycheatsheetactive-directory-cheatsheetactive-directory-exploitationsecuritypentestingpenetration-testinghackinghacking-cheasheethacking-toolshacking-toolcheatcheat-sheetexploitationprivilege-escalationenumerationattackwindows-active-directorywindows
  5077

• onlurking / awesome-infosec

  A curated list of awesome infosec courses and training resources.

  infosecpentestcoursespenetration-testingsecurity-professionalslabawesomesecurity
  4989
• Cheatsheet-God

  OlivierLaflamme / Cheatsheet-God

  Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

  awesomecheatsheetcheatsheet-godhackinghacking-codehacking-toolhowto-tutorialinformation-securityoscposcp-journeyoscp-toolsoscp5penetrationpenetration-testpenetration-testingpentestingrefreshersecuritysecurity-toolssecurity-vulnerability
  4738

• infobyte / faraday

  Open Source Vulnerability Management Platform

  devopspenetration-testingvulnerabilityvulnerability-scannerssecuritysecurity-auditpentestingcontinuous-scanninginfosecvulnerability-managementcollaborationburpsuitenessusnmapdevsecopssecurity-automationorchestrationcveappseccybersecurity
  Language:Python 4636

• LyleMi / Learn-Web-Hacking

  Study Notes For Web Hacking / Web安全学习笔记

  web-hackingstudy-noteshackingpentestingsecuritypenetration-testing
  Language:Python 4227

• AzeemIdrisi / PhoneSploit-Pro

  An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

  adbandroidandroid-debug-bridgecybersecurityexploithackingmetasploit-frameworkpenetration-testingpentestingphonesploitphonesploit-proandroid-hackinghacking-scripthacking-toolhackmeterpreterpentest-toolpythonhacktoberfestcollaborate
  Language:Python 4206

• Hack-with-Github / Free-Security-eBooks

  Free Security and Hacking eBooks

  securityhackingpenetration-testinghacking-ebooksforensicshackers-handbookcloud-securitykali-linuxcyber-securityebooks
  4151

• RhinoSecurityLabs / pacu

  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

  awsaws-securitypenetration-testingpythonsecurity
  Language:Python 4055