pentest

There are 330 repositories under pentest topic.

PayloadsAllTheThings
swisskyrepo / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Language:Python 71561
social-analyzer
qeeqbox / social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
analysis analyzer cli information-gathering javascript nodejs nodejs-cli osint pentest pentesting person-profile profile python reconnaissance security-tools social-analyzer social-media sosint username
Language:JavaScript 18277
sundowndev / hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation information-gathering pentesting security
14789
nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss
11599
vanhauser-thc / thc-hydra
hydra
penetration-testing password-cracker network-security hydra thc pentesting pentest pentest-tool brute-force brute-force-passwords bruteforce-attacks brute-force-attacks bruteforcing bruteforcer bruteforce password-cracking
Language:C 11151
Detect-It-Easy
horsicq / Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
debugger detect unpacker disassembler reverse-engineering elf packer detector binary-analysis program-analysis static-analysis entropy malware-analysis malware-research macho mach-o hacktoberfest pentest scanner hacktoberfest2023
Language:JavaScript 9608
objection
sensepost / objection
📱 objection - runtime mobile exploration
mobile pentest framework ios instrumentation frida security android
Language:Python 8629
SecWiki / windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
windows kernel exploit tool collections pentest
Language:C 8501
RedTeam-Tools
A-poc / RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
cheatsheet cybersecurity hacking penetration-testing red-team security-tools linux resources tools windows enumeration payload pentest pentest-tools red-team-tools mitre-attack redteam
7720
feroxbuster
epi052 / feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
web pentest pentesting-tool rust url-bruteforcer enumeration content-discovery hacktoberfest
Language:Rust 7174
Orange-Cyberdefense / GOAD
game of active directory
active-directory infrastructure-as-code pentest ansible terraform vagrant
Language:PowerShell 7095
reconftw
six2dez / reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
bugbounty hacking recon pentest subdomain nuclei vulnerabilities scanner fuzzing osint penetration-testing pentesting reconnaissance dns pentest-tool security security-tools bug-bounty
Language:Shell 6901
yaklang / yakit
Cyber Security ALL-IN-ONE Platform
redteam redteam-tools hacking-tools scanner burpsuite pentest golang blueteam exploit hacking security
Language:TypeScript 6887
daffainfo / AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability
6502
ihebski / DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
infosec default-password pentesting bugbounty pentest cheatsheet cybersecurity blueteam offensive-security exploit blueteam-tools blueteaming offensive-security-projects soc
Language:Python 6287
urbanadventurer / WhatWeb
Next generation web scanner
security web scanner ruby penetration-testing kali-linux owasp penetration-testing-tools penetration-test hacking hacking-tools network-security recon appsec application-security pentesting pentesting-tools pentest web-hacking security-tools
Language:Ruby 6176
K8tools
k8gege / K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
exploit 0day poc getshell pentest hacking scanner privilege-escalation bypass crack netscan brute-force password database exp lpe rce
Language:PowerShell 6103
1earn
ffffffff0x / 1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
markdown-article linux-learning pentest study security collection blueteam redteam post-penetration ics-security writeup pentest-tool poc ctf security-tools infosec hacking
Language:C++ 5598
mosint
alpkeskin / mosint
An automated e-mail OSINT tool
osint hacking email-checker social-media email python-hacking pwn data-breach verification-service osint-tool automation socmint information-gathering pentest go
Language:Go 5572
SecWiki / linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
linux kernel exploit tool collection awesome pentest
Language:C 5518
onlurking / awesome-infosec
A curated list of awesome infosec courses and training resources.
infosec pentest courses penetration-testing security-professionals lab awesome security
5506
Ladon
k8gege / Ladon
Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等，大量高危漏洞检测模块MS17010、Zimbra、Exchange
scanner portscan pentest hacking security security-tools security-scanner poc getshell brute-force password netscan tools hack exp ladon ipscanner exploit
Language:C# 5208
evil-winrm
Hackplayers / evil-winrm
The ultimate WinRM shell for hacking/pentesting
winrm shell hacking pentest ruby pentesting pentesting-windows remote-management win-rm evil-winrm pass-the-hash kerberos docker psrp powershell
Language:Ruby 5089
NetExec
Pennyw0rth / NetExec
The Network Execution Tool
active-directory hacking infosec infosectools networks pentest pentest-tool pentest-tools pentesting python python3 red-team security security-tools windows
Language:Python 4902
UndeadSec / SocialFish
Phishing Tool & Information Collector
phishing python pentesting undead educational pentest
Language:CSS 4563
t3l3machus / Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
open-source pentest pentesting readteaming redteam-tools redteam cybersecurity offensive-security c2 hacking hacking-tool penetration-testing penetration-testing-tools
Language:Python 4264
lcvvvv / kscan
Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。
redteam scanner bruteforce brute-force pentest exploit red-team security webscan fingerprint
Language:Go 4214
skerkour / black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
rust security pentest pentesting offensive-security red-team audit beacon c2 bug-bounty bug-hunting wasm shellcodes scanner phishing trojan virus hacking infosec security-tools
Language:Rust 4180
coreb1t / awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
cheatsheet security-cheat-sheets pentest-cheat-sheets security pentest awesome penetration-testing
4174
zan8in / afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
vulnerability-scanner poc penetration-testing afrog vulnerability-scanning-tools bug-bounty pentest red-teaming
Language:HTML 4077
foospidy / payloads
Git All the Payloads! A collection of web attack payloads.
payload payloads xss sqli web-attack-payloads passwords pentest hacking appsec cybersecurity
Language:Shell 3846
lanjelot / patator
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
pentest brute-force
Language:Python 3798
nixawk / pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
hacking pentest security
Language:Python 3658
arainho / awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
api-security api-sec awesome-list api-hacking api-pentest apisec security pentest fuzzing api-hacks api-hunting infosec api-hardening
3554
snoop
snooppr / snoop
Snoop — инструмент разведки на основе открытых данных (OSINT world)
blueteam ctf geo geocoder infosec ip nickname osint parser pentest police redteam scanner scraping security termux username username-checker username-search web-scraping
Language:Python 3496
swisskyrepo / SSRFmap
Automatic SSRF fuzzer and exploitation tool
ssrf server-side-request-forgery exploitation vulnerability ssrfmap pentest ctf hacktoberfest
Language:Python 3396