penetration-testing

There are 493 repositories under penetration-testing topic.

• Hack-with-Github / Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  hackingsecuritybug-bountyawesomeandroidfuzzingpenetration-testingpentesting-windowsreverse-engineering
  62755
• PayloadsAllTheThings

  swisskyrepo / PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  pentestpayloadbypassweb-applicationhackingvulnerabilitybountymethodologyprivilege-escalationpenetration-testingcheatsheetsecurityenumerationbugbountyredteampayloadshacktoberfest
  Language:Python 46311

• The-Art-of-Hacking / h4cker

  This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

  hackingpenetration-testinghacking-seriesvideo-coursecybersecurityethical-hackingethicalhackinghackerexploitexploitsexploit-developmentvulnerabilityvulnerability-scannersvulnerability-assessmentvulnerability-managementvulnerability-identificationawesome-listsawesome-listtraininghackers
  Language:Jupyter Notebook 13285

• vitalysim / Awesome-Hacking-Resources

  A collection of hacking / penetration testing resources to make you better!

  ctfhackingprivilege-escalationreverse-engineeringbuffer-overflowpenetration-testingowaspexploitmalwarewindows-privilege-escalationprivilege-escalation-linuxmitm
  13202

• sundowndev / hacker-roadmap

  A collection of hacking tools, resources and references to practice ethical hacking.

  hackinghacking-toolpenetration-testingroadmapframeworkshacktoolspentestweb-hackingexploitationpost-exploitationinformation-gatheringpentestingsecurity
  10631

• qazbnm456 / awesome-web-security

  🐶 A curated list of Web Security materials and resources.

  awesomeawesome-listlistpenetration-testingsecuritywebwebsecurity
  9484

• maurosoria / dirsearch

  Web path scanner

  fuzzerfuzzingpythonsecuritydirsearchhackingpentestingpenetration-testingbug-bountyappsecwordlisthacking-toolinfosecbrutescannerbugbountyenumerationpentest-toolred-teamingredteam
  Language:Python 9405

• vanhauser-thc / thc-hydra

  hydra

  penetration-testingpassword-crackernetwork-securityhydrathcpentestingpentestpentest-toolbrute-forcebrute-force-passwordsbruteforce-attacksbrute-force-attacksbruteforcingbruteforcerbruteforcepassword-cracking
  Language:C 7376

• samratashok / nishang

  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

  powershellnishangsecurityred-teampenetration-testinginfosechackingredteamactivedirectory
  Language:PowerShell 7365
• Scanners-Box

  We5ter / Scanners-Box

  A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

  pentesting-toolshacker-toolsvulnerability-scannersinformation-securityredteam-toolspenetration-testingdevsecopssecurity-automationsmart-contractsprivacy-complianceapk-analysisbinary-analysisexploitation-frameworkmalware-analysissecurity-auditcode-analyzerstatic-analysiswifi-hackingwifi-security
  7082

• Datalux / Osintgram

  Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

  osintosint-pythonpython3instagraminstagram-apipenetration-testinginstagram-accountnicknameanalysispythontoolinformation-gatheringhacking
  Language:Python 6369
• Sn1per

  1N3 / Sn1per

  Attack Surface Management Platform | Sn1perSecurity LLC

  sn1persn1per-professionalbugbounty-platformattack-surfacecybersecuritypentest-toolpentesting-toolspentest-scriptspentest-toolshacking-toolsosint-toolosint-frameworkattacksurfacepenetration-testingpentestingsecurity-toolsattack-surface-managementhackingsecurity
  Language:Shell 6215
• monkey

  guardicore / monkey

  Infection Monkey - An open-source adversary emulation platform

  penetration-testingsecurity-toolssecurity-automationinfection-monkeyadversary-emulation
  Language:Python 6118

• mandiant / commando-vm

  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

  penetration-testingred-teamingwindowsfireeye-flare
  Language:PowerShell 5830
• wstg

  OWASP / wstg

  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  best-practicesguideowaspbugbountypenetration-testingpentestingapplication-securitysecurityhacktoberfest
  Language:Dockerfile 5409
• rengine

  yogeshojha / rengine

  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

  security-toolsosintreconrecon-enginereconnaissancescannerscanner-webrengineinformation-gatheringbugbountyhackingscanningpentestingbug-bountyinfosecpenetration-testing
  Language:JavaScript 5205

• Mr-xn / Penetration_Testing_POC

  渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

  penetration-testingpocgetshellcsrfpenetration-testing-poccsrf-webshellcvercesql-pocpoc-expbypassoa-getshellcve-cmsphp-bypassthinkphpsql-getshellauthentication-bypasscobalt-strikeexploit
  Language:PowerShell 5101

• rmusser01 / Infosec_Reference

  An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

  infosecinfosec-referencereverse-engineeringhackingpentestingpenetration-testingreferenceslinuxprivilege-escalationinformation-securityblueteamred-teamwindowsosxforensicshacking-simulatorprivilege-escalation-exploitshacktoberfesthacktoberfest2021
  Language:CSS 4883

• infoslack / awesome-web-hacking

  A list of web application security

  penetration-testingweb-hackingvulnerabilitiesscannerhackinghacking-toolsmetasploitweb-securityappsecowasppentestingsecurityvulnerability
  4613

• onlurking / awesome-infosec

  A curated list of awesome infosec courses and training resources.

  infosecpentestcoursespenetration-testingsecurity-professionalslabawesomesecurity
  4444

• urbanadventurer / WhatWeb

  Next generation web scanner

  securitywebscannerrubypenetration-testingkali-linuxowasppenetration-testing-toolspenetration-testhackinghacking-toolsnetwork-securityreconappsecapplication-securitypentestingpentesting-toolspentestweb-hackingsecurity-tools
  Language:Ruby 4406

• j3ssie / osmedeus

  A Workflow Engine for Offensive Security

  scanningreconnaissancepenetration-testingsecurity-toolspentest-toolhacking-toolinformation-gatheringhackingosintosmedeusbugbountypentestinggolangsecuritygobug-bounty
  Language:Go 4342
• Cheatsheet-God

  OlivierLaflamme / Cheatsheet-God

  Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

  penetration-testingsecurityhackingcheatsheetoscpinformation-securitypentestinghowto-tutorialrefresherpenetration-testcheatsheet-godoscp5oscp-toolsoscp-journeypenetrationsecurity-toolssecurity-vulnerabilityhacking-toolhacking-codeawesome
  4227

• trickest / cve

  Gather and update all available and newest CVEs with their PoC.

  poccvecve-poclatest-cvevulnerabilityvulnerabilitiessoftware-vulnerabilitiessoftware-securityexploitsecurityinfosechackingpentestingpenetration-testingred-teamsecurity-toolssoftware-vulnerability
  Language:HTML 4097

• yeahhub / Hacking-Security-Ebooks

  Top 100 Hacking & Security E-Books (Free Download)

  hackingbookssecuritypenetration-testingebookskali-linuxhacking-security-ebooks
  4010
• awesome-shodan-queries

  jakejarvis / awesome-shodan-queries

  🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

  shodaninfosecpentestingiotinternet-of-thingssecurityawesomeawesome-listhackingpenetration-testingshodan-dorksdorksnetwork-infrastructuresecurity-toolssecurity-scannercloud
  3970
• reconftw

  six2dez / reconftw

  reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

  bugbountyhackingreconpentestsubdomainnucleiraspberryvulnerabilitiesscannerfuzzinginfosecosintpenetration-testingpentestingreconnaissancehacktoberfestdnspentest-toolsecuritysecurity-tools
  Language:Shell 3912

• daffainfo / AllAboutBugBounty

  All about bug bounty (bypasses, payloads, and etc)

  bugbountybugbountytipsbypasspayloadsreconnaissancebughackingsecuritypayloadpenetration-testingvulnerabilityinfosecpentest
  3899

• S1ckB0y1337 / Active-Directory-Exploitation-Cheat-Sheet

  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

  activedirectoryactive-directorycheatsheetactive-directory-cheatsheetactive-directory-exploitationsecuritypentestingpenetration-testinghackinghacking-cheasheethacking-toolshacking-toolcheatcheat-sheetexploitationprivilege-escalationenumerationattackwindows-active-directorywindows
  3838

• infobyte / faraday

  Open Source Vulnerability Management Platform

  devopspenetration-testingvulnerabilityvulnerability-scannerssecuritysecurity-auditpentestingcontinuous-scanninginfosecvulnerability-managementcollaborationburpsuitenessusnmapdevsecopssecurity-automationorchestrationcveappseccybersecurity
  Language:Python 3835

• Hack-with-Github / Free-Security-eBooks

  Free Security and Hacking eBooks

  cloud-securitycyber-securityebooksforensicshackers-handbookhackinghacking-ebookskali-linuxpenetration-testingsecurity
  3676

• arismelachroinos / lscript

  The LAZY script will make your life easier, and of course faster.

  kali-scriptskali-linuxshell-scriptpayload-generatorpayloadwifi-testingpenetration-testingpentestingpentest-toolwifi-passwordwpa2-handshakewpa-crackerpixie-dustmetasploit-frameworketernalblue-doublepulsar-metasploitwifiphisherantivirus-evasionbypass-avbypass-antivirussqlinjection
  Language:Shell 3570

• RhinoSecurityLabs / pacu

  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

  aws-securitypenetration-testingawssecuritypython
  Language:Python 3313

• Arachni / arachni

  Web Application Security Scanner Framework

  arachnidomrubyauditdetectionsecurity-auditanalysismodularjavascriptscannersweb-applicationvulnerability-detectioncrawlerscannerhackhackingpenetration-testingxsssql-injection
  Language:Ruby 3296
• RedTeam-Tools

  A-poc / RedTeam-Tools

  Tools and Techniques for Red Team / Penetration Testing

  cheatsheetcybersecurityhackingpenetration-testingred-teamsecurity-toolslinuxresourcestoolswindowsenumerationpayloadpentestpentest-toolsred-team-toolsmitre-attackredteam
  3273

• Ullaakut / cameradar

  Cameradar hacks its way into RTSP videosurveillance cameras

  camerascctvhackinghacking-toolinfosecnetsecpenetration-testingpentestingrtspsecuritysecurity-tools
  Language:Go 3229