There are 435 repositories under pentesting topic.
Automatic SQL injection and database takeover tool
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
A collection of hacking tools, resources and references to practice ethical hacking.
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
🤖 The Modern Port Scanner 🤖
Web path scanner
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
A swiss army knife for pentesting networks
Attack Surface Management Platform | Sn1perSecurity LLC
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Web Pentesting Fuzz 字典,一个就够了。
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
This is a multi-use bash script for Linux systems to audit wireless networks.
A list of web application security
The all-in-one Red Team extension for Web Pentester 🛠
Next generation web scanner
A Workflow Engine for Offensive Security
Reverse engineering and pentesting for Android applications
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Gather and update all available and newest CVEs with their PoC.
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Open Source Vulnerability Management Platform
Automated All-in-One OS Command Injection Exploitation Tool.