pentest-tool

There are 94 repositories under pentest-tool topic.

• maurosoria / dirsearch

  Web path scanner

  fuzzerfuzzingpythonsecuritydirsearchhackingpentestingpenetration-testingbug-bountyappsecwordlisthacking-toolinfosecbrutescannerbugbountyenumerationpentest-tool
  Language:Python 8178

• vanhauser-thc / thc-hydra

  hydra

  penetration-testingpassword-crackernetwork-securityhydrathcpentestingpentestpentest-toolbrute-forcebrute-force-passwordsbruteforce-attacksbrute-force-attacksbruteforcingbruteforcerbruteforcepassword-cracking
  Language:C 6305
• Sn1per

  1N3 / Sn1per

  Attack Surface Management Platform | Sn1perSecurity LLC

  sn1persn1per-professionalbugbounty-toolbugbounty-platformattack-surfaceredteam-toolscybersecuritypentest-toolpentesting-toolspentest-scriptspentest-toolshacking-toolsosint-toolosint-frameworkattacksurfacesn1persecuritypenetration-testingpentestingsecurity-tools
  Language:Shell 5366
• OneForAll

  shmilylty / OneForAll

  OneForAll是一款功能强大的子域收集工具

  subdomainsubdomain-scannersubdomain-enumerationsubdomain-bruteforcingsubdomain-collectionsubdomian-findsubdomain-takeoversubdomain-crawleroneforallpythonosintbugbountypentest-toolinformation-gatheringzone-transfersaltnamereconnseccontent-security-policycrossdomainxml
  Language:Python 5083

• moonD4rk / HackBrowserData

  Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

  chromemacoswindowspentest-toolhackingedgefirefoxgolangbrowserbrowser-extension
  Language:Go 4872

• j3ssie / osmedeus

  A Workflow Engine for Offensive Security

  scanningreconnaissancepenetration-testingsecurity-toolspentest-toolhacking-toolinformation-gatheringhackingosintosmedeusbugbountypentestinggolangsecuritygobug-bounty
  Language:Go 3916
• Hack-Tools

  LasCC / Hack-Tools

  The all-in-one Red Team extension for Web Pentester 🛠

  pentestingred-teamred-teamingpentest-toolcybersecurityreverse-shellhackinghack-toolschrome-extensionfirefox-addonhacking-toolshacktoolspayloadsxss-payloadsweb-pentestershackmsfvenommetasploithackbar
  Language:TypeScript 3470

• projectdiscovery / httpx

  httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

  httpbugbountyssl-certificatepipelinepentest-toolcybersecurityosinthacktoberfest
  Language:Go 3366
• 1earn

  ffffffff0x / 1earn

  ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

  markdown-articlelinux-learningpenteststudysecuritycollectionblueteamredteampost-penetrationics-securitywriteuppentest-toolpocctfsecurity-toolsinfosechacking
  Language:C++ 3343

• arismelachroinos / lscript

  The LAZY script will make your life easier, and of course faster.

  kali-scriptskali-linuxshell-scriptpayload-generatorpayloadwifi-testingpenetration-testingpentestingpentest-toolwifi-passwordwpa2-handshakewpa-crackerpixie-dustmetasploit-frameworketernalblue-doublepulsar-metasploitwifiphisherantivirus-evasionbypass-avbypass-antivirussqlinjection
  Language:Shell 3300

• gnebbia / kb

  A minimalist command line knowledge base manager

  knowledgecheatsheetsproceduresmethodologypentest-toolknowledge-basertfmnotesnotes-management-systemclinotebook
  Language:Python 2862

• TophantTechnology / ARL

  ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

  arlasset-reconnaissance-lighthousebugbountypentest-toolpythonreconsecurity-tools
  Language:Python 2768

• zhzyker / vulmap

  Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

  exploitcvercevulnerabilitiescve-2016-4437securitysecurity-toolspentestingpentest-toolcve-2020-14882cve-2020-2555cve-2020-2883scannercve-2020-13942cve-2020-17518cve-2021-21972cve-2021-26855cve-2021-27065cve-2021-21975cve-2021-3129
  Language:Python 2512

• evyatarmeged / Raccoon

  A high performance offensive security tool for reconnaissance and vulnerability scanning

  enumerationfuzzinghackinghacking-toolinformation-gatheringoffensive-securityosintpentest-toolpentestingraccoonreconnaissancescannersecurity-scannervulnerability-assessmentvulnerability-scanner
  Language:Python 2509

• H4ckForJob / dirmap

  An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。

  scannerscanner-webdirscannerpentest-tool
  Language:Python 2370

• S3cur3Th1sSh1t / WinPwn

  Automation for internal Windows Penetrationtest / AD-Security

  adsecurityautomationexploitationpentest-toolpentestingpowershellpowersploitprivilege-escalationreconredteam
  Language:PowerShell 2337

• evilcos / xssor2

  XSS'OR - Hack with JavaScript.

  csrfencodinghackhacking-toolpentestpentest-toolprobexss
  Language:JavaScript 1999

• Mr-xn / BurpSuite-collections

  有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

  burp-extensionsburp-requestsburpsuiteburpsuite-extenderburpsuite-javaburpsuite-toolsburpsuite-xkeyshackbarhacktoolj2eescanjarpentest-toolpentestingpython-burpsendtoshiro-burpsqlmapwaf
  Language:Python 1945

• cujanovic / SSRF-Testing

  SSRF (Server Side Request Forgery) testing resources

  ssrfpentestpentest-toolpentestingserver-side-request-forgery
  Language:Python 1920

• itm4n / PrivescCheck

  Privilege Escalation Enumeration Script for Windows

  pentest-toolpentestingprivilege-escalationwindowswindows-privilege-escalation
  Language:PowerShell 1670

• Dliv3 / Venom

  Venom - A Multi-hop Proxy for Penetration Testers

  pentestingpentest-toolredteamctfproxygolangsecurityvenomsocks5ssh-tunnelport-forwardport-reusetunnel
  Language:Go 1564
• SUDO_KILLER

  TH3xACE / SUDO_KILLER

  A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

  sudo-exploitationabuse-sudoctfexploitscvepentestpentest-toolprivilege-escalationsudolinux-exploitsmisconfigurationoscposcp-toolsoscp-journeyoscp-prep
  Language:Shell 1544

• christophetd / CloudFlair

  🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

  cloudflarepentest-toolpentestcensys
  Language:Python 1484

• ph4ntonn / Stowaway

  👻Stowaway -- Multi-hop Proxy Tool for pentesters

  golangsshtunneleccpentestingsecurity-toolsencryptstowawaysocks5securitypentest-toolredteamctfmulti-hopport-forward
  Language:Go 1465

• D4Vinci / One-Lin3r

  Gives you one-liners that aids in penetration testing operations, privilege escalation and more

  databasehackinghacking-toolkali-linuxlinerliners-databaselinuxmetasploitmultiplatformone-linerone-linersosespayloads-databasepenetration-testingpentest-toolpentesting-windowsreverseweb-based-attacksweb-deliverywindows-hacking
  Language:Python 1439
• FinalRecon

  thewhiteh4t / FinalRecon

  The Last Web Recon Tool You'll Need

  python3pentestingpentest-toolpentesting-toolswebpentestreconnaissanceweb-reconnaissanceweb-penetration-testingthewhiteh4tfinalreconssl-certificatedns-enumerationtraceroutewhoiscrawlerdirectory-searchjavascript-crawlerheaderssubdomain-enumerationport-scanning
  Language:Python 1437

• neoneggplant / EggShell

  iOS/macOS/Linux Remote Administration Tool

  iosmacospentest-toolpentest-scriptsinformation-securitymetasploitexploitationremote-admin-toolmeterpreterreverse-shelljailbreak
  Language:Objective-C 1431

• cytopia / pwncat

  pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

  netcatncatncport-forwardingportforwardremote-shellbind-shellreverse-shellremote-port-forwardremote-port-forwardinglocal-port-forwardlocal-port-forwardingpentestingpenetration-testingpentestpentest-toolpentesting-toolpivotingpwncatcytopia-sec
  Language:Shell 1418

• TryCatchHCF / Cloakify

  CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

  av-evasionciphercryptographydata-exfiltrationdlpexfiltrationhackinghacking-toolhacking-toolsinfosecpentestpentest-toolpentest-toolspentestingprivacyred-teamsecuritysecurity-toolssteganographystego
  Language:Python 1286

• jeffzh3ng / fuxi

  Penetration Testing Platform

  securityvulnerabilitypentest-toolpenetration-testing
  Language:Python 1211

• quentinhardy / odat

  ODAT: Oracle Database Attacking Tool

  oracle-databasepentestpentest-toolprivilege-escalation
  Language:Python 1198

• Adminisme / ServerScan

  ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

  serverscanpentest-toolsecurity-scannergolangservice-discoveryport-scanner-in-gowinlinuxmacoscobalt-strikenmap
  Language:Go 1173

• zhzyker / dismap

  Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

  identificationsecurity-toolswebscangolang-toolsredteamredteam-toolssecurity-scansecuritypentest-toolspentest-toolcybersecurityfingerprintfingerprint-scannerdetection
  Language:Go 1161
• top25-parameter

  lutfumertceylan / top25-parameter

  For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

  vulnerability-detectionvulnerability-researchbugbountypentestingpentest-toolbugbountytipssecurityinfosecxss-detection
  1143

• nccgroup / house

  A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

  androidfridamobilepentest-tool
  Language:JavaScript 1126

• itm4n / PrintSpoofer

  Abusing Impersonation Privileges on Windows 10 and Server 2019

  pentest-toolwindows-privilege-escalation
  Language:C 1121