pentest

There are 279 repositories under pentest topic.

PayloadsAllTheThings
swisskyrepo / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pentest payload bypass web-application hacking vulnerability bounty methodology privilege-escalation penetration-testing cheatsheet security enumeration bugbounty redteam payloads hacktoberfest
Language:Python 57163
sundowndev / hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation information-gathering pentesting security
12675
social-analyzer
qeeqbox / social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
osint social-media analyzer username profile reconnaissance pentest information-gathering pentesting social-analyzer person-profile javascript nodejs python security-tools analysis nodejs-cli cli sosint
Language:JavaScript 11136
nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty-hunters hackers xss bug-bounty learn2hack hacking pentest web-security education ssrf bugbounty
10184
vanhauser-thc / thc-hydra
hydra
penetration-testing password-cracker network-security hydra thc pentesting pentest pentest-tool brute-force brute-force-passwords bruteforce-attacks brute-force-attacks bruteforcing bruteforcer bruteforce password-cracking
Language:C 9092
SecWiki / windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
windows kernel exploit tool collections pentest
Language:C 7841
objection
sensepost / objection
📱 objection - runtime mobile exploration
mobile pentest framework ios instrumentation frida security android
Language:Python 7044
Detect-It-Easy
horsicq / Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
debugger detect unpacker disassembler reverse-engineering elf packer detector binary-analysis program-analysis static-analysis entropy malware-analysis malware-research macho mach-o hacktoberfest pentest scanner hacktoberfest2023
Language:JavaScript 6662
yaklang / yakit
Cyber Security ALL-IN-ONE Platform
redteam redteam-tools hacking-tools scanner burpsuite pentest golang blueteam exploit hacking security
Language:TypeScript 6080
K8tools
k8gege / K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
exploit apt 0day poc getshell pentest hacking scanner privilege-escalation bypass crack netscan brute-force password database
Language:PowerShell 5648
daffainfo / AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
bugbounty bugbountytips bypass payloads reconnaissance bug hacking security payload penetration-testing vulnerability infosec pentest
5438
feroxbuster
epi052 / feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
content-discovery enumeration hacktoberfest pentest pentesting-tool rust url-bruteforcer web
Language:Rust 5345
ihebski / DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
infosec default-password pentesting bugbounty pentest credentials-gathering cheatsheet cybersecurity blueteam offensive-security exploit
Language:Python 5313
reconftw
six2dez / reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
bugbounty hacking recon pentest subdomain nuclei vulnerabilities scanner fuzzing osint penetration-testing pentesting reconnaissance dns pentest-tool security security-tools bug-bounty
Language:Shell 5280
RedTeam-Tools
A-poc / RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
cheatsheet cybersecurity hacking penetration-testing red-team security-tools linux resources tools windows enumeration payload pentest pentest-tools red-team-tools mitre-attack redteam
5250
SecWiki / linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
linux kernel exploit tool collection awesome pentest
Language:C 5131
urbanadventurer / WhatWeb
Next generation web scanner
security web scanner ruby penetration-testing kali-linux owasp penetration-testing-tools penetration-test hacking hacking-tools network-security recon appsec application-security pentesting pentesting-tools pentest web-hacking security-tools
Language:Ruby 5128
1earn
ffffffff0x / 1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
markdown-article linux-learning pentest study security collection blueteam redteam post-penetration ics-security writeup pentest-tool poc ctf security-tools infosec hacking
Language:C++ 5097
onlurking / awesome-infosec
A curated list of awesome infosec courses and training resources.
infosec pentest courses penetration-testing security-professionals lab awesome security
4994
Ladon
k8gege / Ladon
Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange
scanner portscan pentest hacking security security-tools security-scanner poc getshell brute-force password netscan tools hack exp ladon ipscanner exploit
Language:PowerShell 4609
evil-winrm
Hackplayers / evil-winrm
The ultimate WinRM shell for hacking/pentesting
winrm shell hacking pentest ruby pentesting pentesting-windows remote-management win-rm evil-winrm pass-the-hash kerberos docker psrp powershell
Language:Ruby 4224
mosint
alpkeskin / mosint
An automated e-mail OSINT tool
osint hacking email-checker social-media email python-hacking pwn data-breach verification-service osint-tool automation socmint information-gathering pentest go
Language:Go 3941
UndeadSec / SocialFish
Phishing Tool & Information Collector
phishing python pentesting undead educational pentest
Language:CSS 3900
coreb1t / awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
cheatsheet security-cheat-sheets pentest-cheat-sheets security pentest awesome penetration-testing
3753
lcvvvv / kscan
Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。
redteam scanner bruteforce brute-force pentest exploit red-team security webscan fingerprint
Language:Go 3657
t3l3machus / Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools
Language:Python 3590
foospidy / payloads
Git All the Payloads! A collection of web attack payloads.
payload payloads xss sqli web-attack-payloads passwords pentest hacking appsec cybersecurity
Language:Shell 3533
lanjelot / patator
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
pentest brute-force
Language:Python 3473
nixawk / pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
pentest security hacking
Language:Python 3328
skerkour / black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
rust security pentest pentesting offensive-security red-team audit beacon c2 bug-bounty bug-hunting wasm shellcodes scanner phishing trojan virus hacking infosec security-tools
Language:Rust 3047
zan8in / afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
afrog bug-bounty penetration-testing pentest poc red-teaming vulnerability-scanner vulnerability-scanning-tools
Language:Go 2848
Ascotbe / Kernelhub
:palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
exploits cve cve-2021-33739 cve-2021-26868 cve-2021-36934 cve-2021-40444 cve-2021-40449 cve-2021-42287 cve-2021-42278 cve-2021-34486 pentest kernel windows tool cve-2022-21882 cve-2022-26937 cve-2022-30206 cve-2022-33679 cve-2022-34718 linux
Language:C 2837
swisskyrepo / SSRFmap
Automatic SSRF fuzzer and exploitation tool
ssrf server-side-request-forgery exploitation vulnerability ssrfmap pentest ctf hacktoberfest
Language:Python 2780
arainho / awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
api-security api-sec awesome-list api-hacking api-pentest apisec security pentest fuzzing api-hacks api-hunting infosec api-hardening
2762
snoop
snooppr / snoop
Snoop — инструмент разведки на основе открытых данных (OSINT world)
osint termux username-search username-checker pentest web-scraping ctf scanner redteam blueteam infosec security nickname ip geo police parser scraping geocoder username
Language:Python 2712
awesome-nodejs-security
lirantal / awesome-nodejs-security
Awesome Node.js Security resources
nodejs security cybersecurity web-security owasp vulnerabilities pentest infosec hacktoberfest
2583