pentesting

There are 544 repositories under pentesting topic.

sqlmapproject / sqlmap
Automatic SQL injection and database takeover tool
sql-injection detection exploitation takeover python database pentesting vulnerability-scanner sqlmap
Language:Python 30716
Ciphey / Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
decryption natural-language-processing cryptography cipher artificial-intelligence ctf-tools ctf cpp python hacking pentesting deep-neural-network hashes cyberchef-magic encryptions encodings hacktoberfest
Language:Python 17121
RustScan
RustScan / RustScan
🤖 The Modern Port Scanner 🤖
docker hacking hacktoberfest networking nmap pentesting port rust scanning security security-tools
Language:Rust 12703
sundowndev / hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation information-gathering pentesting security
12669
smicallef / spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
footprinting osint threatintel python infosec intelligence-gathering osint-reconnaissance pentesting threat-intelligence security-tools information-gathering cybersecurity cti osint-framework attacksurface osint-tool hacking information-security recon
Language:Python 11830
ffuf / ffuf
Fast web fuzzer written in Go
fuzzer infosec pentesting web
Language:Go 11518
maurosoria / dirsearch
Web path scanner
appsec brute bug-bounty bugbounty dirsearch enumeration fuzzer fuzzing hacking hacking-tool infosec penetration-testing pentest-tool pentesting python red-teaming redteam scanner security wordlist
Language:Python 11322
OWASP / owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
mobile-app pentesting android-application ios-app runtime-analysis network-analysis static-analysis reverse-engineering dynamic-analysis mobile-security android ios hacking reverse-enginnering mstg testing-cryptography compliancy-checklist mast mastg
Language:Python 11319
social-analyzer
qeeqbox / social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
osint social-media analyzer username profile reconnaissance pentest information-gathering pentesting social-analyzer person-profile javascript nodejs python security-tools analysis nodejs-cli cli sosint
Language:JavaScript 11130
juice-shop
juice-shop / juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
24pullrequests application-security appsec ctf hacking hacktoberfest javascript owasp owasp-top-10 owasp-top-ten pentesting security vulnapp vulnerable
Language:TypeScript 9602
vanhauser-thc / thc-hydra
hydra
penetration-testing password-cracker network-security hydra thc pentesting pentest pentest-tool brute-force brute-force-passwords bruteforce-attacks brute-force-attacks bruteforcing bruteforcer bruteforce password-cracking
Language:C 9086
OJ / gobuster
Directory/File, DNS and VHost busting tool written in Go
dns go pentesting tool web
Language:Go 9060
infosecn1nja / Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
hacking infosec pentesting red-team
8564
HackTricks-wiki / hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
hacktricks pentesting hacking peass
Language:Python 8246
CrackMapExec
byt3bl33d3r / CrackMapExec
A swiss army knife for pentesting networks
python active-directory pentesting windows powershell networks
Language:Python 8149
n1nj4sec / pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
pupy python remote-access post-exploitation pentesting windows linux android rat shell reverse-shell reflective-injection backdoor payload meterpreter remote-admin-tool mac-os
Language:Python 8148
Sn1per
1N3 / Sn1per
Attack Surface Management Platform
sn1per sn1per-professional bugbounty-platform attack-surface cybersecurity pentest-tool pentesting-tools pentest-scripts pentest-tools hacking-tools osint-tool osint-framework attacksurface penetration-testing pentesting security-tools attack-surface-management hacking security
Language:Shell 7569
TheKingOfDuck / fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
directory fuzz-testing fuzzer fuzzing paramter password pentesting username wfuzz
Language:Python 7074
rengine
yogeshojha / rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
security-tools osint recon recon-engine reconnaissance scanner scanner-web rengine information-gathering bugbounty hacking scanning pentesting bug-bounty infosec penetration-testing
Language:Python 7010
wstg
OWASP / wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
best-practices guide owasp bugbounty penetration-testing pentesting application-security security hacktoberfest appsec hacking
Language:Dockerfile 6753
trickest / cve
Gather and update all available and newest CVEs with their PoC.
cve cve-poc exploit hacking infosec latest-cve penetration-testing pentesting poc red-team security security-tools software-security software-vulnerabilities software-vulnerability vulnerabilities vulnerability
Language:HTML 6121
airgeddon
v1s1t0r1sh3r3 / airgeddon
This is a multi-use bash script for Linux systems to audit wireless networks.
evil-twin wps security beef sslstrip bash sniffing wireless aircrack handshake linux hacking pentesting pixie-dust wep denial-of-service 5ghz enterprise pmkid wpa-wpa2-wpa3
Language:Shell 6068
hetty
dstotijn / hetty
An HTTP toolkit for security research.
bugbounty http infosec mitm pentesting proxy
Language:Go 5927
infoslack / awesome-web-hacking
A list of web application security
penetration-testing web-hacking vulnerabilities scanner hacking hacking-tools metasploit web-security appsec owasp pentesting security vulnerability
5454
rmusser01 / Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
blueteam forensics hacking hacking-simulator hacktoberfest hacktoberfest2021 information-security infosec infosec-reference linux osx penetration-testing pentesting privilege-escalation privilege-escalation-exploits red-team references reverse-engineering windows
Language:CSS 5370
ihebski / DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
infosec default-password pentesting bugbounty pentest credentials-gathering cheatsheet cybersecurity blueteam offensive-security exploit
Language:Python 5306
reconftw
six2dez / reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
bugbounty hacking recon pentest subdomain nuclei vulnerabilities scanner fuzzing osint penetration-testing pentesting reconnaissance dns pentest-tool security security-tools bug-bounty
Language:Shell 5267
urbanadventurer / WhatWeb
Next generation web scanner
security web scanner ruby penetration-testing kali-linux owasp penetration-testing-tools penetration-test hacking hacking-tools network-security recon appsec application-security pentesting pentesting-tools pentest web-hacking security-tools
Language:Ruby 5125
osmedeus
j3ssie / osmedeus
A Workflow Engine for Offensive Security
scanning reconnaissance penetration-testing security-tools pentest-tool hacking-tool information-gathering hacking osint bugbounty pentesting golang security go bug-bounty attack-surface attack-surface-management
Language:Go 5102
awesome-shodan-queries
jakejarvis / awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
awesome awesome-list cloud dorks hacking infosec internet-of-things iot network-infrastructure penetration-testing pentesting security security-scanner security-tools shodan shodan-dorks
5087
S1ckB0y1337 / Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
activedirectory active-directory cheatsheet active-directory-cheatsheet active-directory-exploitation security pentesting penetration-testing hacking hacking-cheasheet hacking-tools hacking-tool cheat cheat-sheet exploitation privilege-escalation enumeration attack windows-active-directory windows
5079
androguard / androguard
Reverse engineering and pentesting for Android applications
android dalvik reverse-engineering dex odex pentesting
Language:Python 4966
flipperzero-firmware-wPlugins
RogueMaster / flipperzero-firmware-wPlugins
RogueMaster Flipper Zero Firmware
armv7m ble bluetooth-low-energy cfw custom-firmware flipper flipper-zero flipperzer0 flipperzero games hacker jailbreak onewire pentesting roguemaster security-tools stm32
Language:C 4891
Cheatsheet-God
OlivierLaflamme / Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
penetration-testing security hacking cheatsheet oscp information-security pentesting howto-tutorial refresher penetration-test cheatsheet-god oscp5 oscp-tools oscp-journey penetration security-tools security-vulnerability hacking-tool hacking-code awesome
4739
infobyte / faraday
Open Source Vulnerability Management Platform
devops penetration-testing vulnerability vulnerability-scanners security security-audit pentesting continuous-scanning infosec vulnerability-management collaboration burpsuite nessus nmap devsecops security-automation orchestration cve appsec cybersecurity
Language:Python 4636
DominicBreuker / pspy
Monitor linux processes without root permissions
ctf pentesting privesc enumeration golang security
Language:Go 4597