pentesting

There are 696 repositories under pentesting topic.

sherlock
sherlock-project / sherlock
Hunt down social media accounts by username across social networks
cli cti cybersecurity forensics hacktoberfest information-gathering infosec linux osint pentesting python python3 reconnaissance redteam sherlock tools
Language:Python 70186
sqlmapproject / sqlmap
Automatic SQL injection and database takeover tool
database detection exploitation pentesting python sql-injection sqlmap takeover vulnerability-scanner
Language:Python 35728
bee-san / Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
artificial-intelligence cipher cpp cryptography ctf ctf-tools cyberchef-magic decryption deep-neural-network encodings encryptions hacking hacktoberfest hashes natural-language-processing pentesting python
Language:Python 20157
RustScan
bee-san / RustScan
🤖 The Modern Port Scanner 🤖
docker hacking hacktoberfest networking nmap pentesting port rust scanning security security-tools
Language:Rust 18435
social-analyzer
qeeqbox / social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
analysis analyzer cli information-gathering javascript nodejs nodejs-cli osint pentest pentesting person-profile profile python reconnaissance security-tools social-analyzer social-media sosint username
Language:JavaScript 18113
maigret
soxoj / maigret
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
osint social-network identification socmint sherlock investigation namechecker python python3 open-source cybersecurity scraping osint-python redteam blueteam osint-framework cli reconnaissance infosec pentesting
Language:Python 17904
smicallef / spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
footprinting osint threatintel python infosec intelligence-gathering osint-reconnaissance pentesting threat-intelligence security-tools information-gathering cybersecurity cti osint-framework attacksurface osint-tool hacking information-security recon
Language:Python 15807
ffuf / ffuf
Fast web fuzzer written in Go
fuzzer infosec pentesting web
Language:Go 15052
sundowndev / hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation information-gathering pentesting security
14772
maurosoria / dirsearch
Web path scanner
appsec brute bug-bounty bugbounty dirsearch enumeration fuzzer fuzzing hacking hacking-tool infosec penetration-testing pentest-tool pentesting python red-teaming redteam scanner security wordlist
Language:Python 13620
OJ / gobuster
Directory/File, DNS and VHost busting tool written in Go
go pentesting tool dns web
Language:Go 12841
OWASP / mastg
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.
android android-application compliancy-checklist dynamic-analysis hacking ios ios-app mast mastg mobile-app mobile-security mstg network-analysis pentesting reverse-engineering reverse-enginnering runtime-analysis static-analysis testing-cryptography
Language:Python 12545
juice-shop
juice-shop / juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
owasp javascript vulnerable hacking application-security owasp-top-10 owasp-top-ten pentesting vulnapp appsec ctf hacktoberfest 24pullrequests security
Language:TypeScript 11954
vanhauser-thc / thc-hydra
hydra
penetration-testing password-cracker network-security hydra thc pentesting pentest pentest-tool brute-force brute-force-passwords bruteforce-attacks brute-force-attacks bruteforcing bruteforcer bruteforce password-cracking
Language:C 11140
HackTricks-wiki / hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
hacktricks pentesting hacking peass
Language:JavaScript 10503
infosecn1nja / Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
red-team hacking infosec pentesting
9912
Sn1per
1N3 / Sn1per
Attack Surface Management Platform
attack-surface attack-surface-management attacksurface bugbounty-platform cybersecurity hacking hacking-tools osint-framework osint-tool penetration-testing pentest-scripts pentest-tool pentest-tools pentesting pentesting-tools security security-tools sn1per sn1per-professional
Language:Shell 9198
blacklanternsecurity / bbot
The recursive internet scanner for hackers. 🧡
hacking neo4j osint osint-framework python subdomain-enumeration automation recon cli scanner bugbounty pentesting recursion subdomain-scanner subdomains asm attack-surface-management threat-intelligence threatintel easm
Language:Python 9107
promptfoo / promptfoo
Test your prompts, agents, and RAGs. AI Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration.
ci ci-cd cicd evaluation evaluation-framework llm llm-eval llm-evaluation llm-evaluation-framework llmops pentesting prompt-engineering prompt-testing prompts rag red-teaming testing vulnerability-scanners
Language:TypeScript 9013
hetty
dstotijn / hetty
An HTTP toolkit for security research.
bugbounty http infosec mitm pentesting proxy
Language:Go 8988
CrackMapExec
byt3bl33d3r / CrackMapExec
A swiss army knife for pentesting networks
active-directory networks pentesting powershell python windows
Language:Python 8962
n1nj4sec / pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
pupy python remote-access post-exploitation pentesting windows linux android rat shell reverse-shell reflective-injection backdoor payload meterpreter remote-admin-tool mac-os
Language:Python 8863
wstg
OWASP / wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
best-practices guide owasp bugbounty penetration-testing pentesting application-security security hacktoberfest appsec hacking
Language:Dockerfile 8524
rengine
yogeshojha / rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
bug-bounty bugbounty hacking information-gathering infosec osint penetration-testing pentesting recon recon-engine reconnaissance rengine scanner scanner-web scanning security-tools
Language:HTML 8270
TheKingOfDuck / fuzzDicts
You Know, For WEB Fuzzing ! 日站用的字典。
fuzzing fuzz-testing pentesting username password directory paramter wfuzz fuzzer
Language:Python 8141
lamda
firerpa / lamda
The most powerful Android RPA agent framework, next generation of mobile automation robots.
adb agents ai android appium automation dynamic-analysis frida magisk mcp mcp-server mobile-security pentesting remote-control reverse-engineering security uiautomation uiautomator2 workflow xposed
Language:Python 7383
trickest / cve
Gather and update all available and newest CVEs with their PoC.
poc cve cve-poc latest-cve vulnerability vulnerabilities software-vulnerabilities software-security exploit security infosec hacking pentesting penetration-testing red-team security-tools software-vulnerability
Language:HTML 7335
airgeddon
v1s1t0r1sh3r3 / airgeddon
This is a multi-use bash script for Linux systems to audit wireless networks.
evil-twin wps security beef sslstrip bash sniffing wireless aircrack handshake linux hacking pentesting pixie-dust wep denial-of-service enterprise pmkid wpa-wpa2-wpa3 multi-band
Language:Shell 7274
reconftw
six2dez / reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities
Language:Shell 6895
awesome-shodan-queries
jakejarvis / awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
shodan infosec pentesting iot internet-of-things security awesome awesome-list hacking penetration-testing shodan-dorks dorks network-infrastructure security-tools security-scanner cloud
6888
infoslack / awesome-web-hacking
A list of web application security
penetration-testing web-hacking vulnerabilities scanner hacking hacking-tools metasploit web-security appsec owasp pentesting security vulnerability
6540
S1ckB0y1337 / Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
activedirectory active-directory cheatsheet active-directory-cheatsheet active-directory-exploitation security pentesting penetration-testing hacking hacking-cheasheet hacking-tools hacking-tool cheat cheat-sheet exploitation privilege-escalation enumeration attack windows-active-directory windows
6370
ihebski / DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
infosec default-password pentesting bugbounty pentest cheatsheet cybersecurity blueteam offensive-security exploit blueteam-tools blueteaming offensive-security-projects soc
Language:Python 6286
urbanadventurer / WhatWeb
Next generation web scanner
application-security appsec hacking hacking-tools kali-linux network-security owasp penetration-test penetration-testing penetration-testing-tools pentest pentesting pentesting-tools recon ruby scanner security security-tools web web-hacking
Language:Ruby 6171
infobyte / faraday
Open Source Vulnerability Management Platform
devops penetration-testing vulnerability vulnerability-scanners security security-audit pentesting continuous-scanning infosec vulnerability-management collaboration burpsuite nessus nmap devsecops security-automation orchestration cve appsec cybersecurity
Language:Python 6011
flipperzero-firmware-wPlugins
RogueMaster / flipperzero-firmware-wPlugins
RogueMaster Flipper Zero Firmware
flipper flipperzero games flipperzer0 flipper-zero jailbreak hacker pentesting security-tools armv7m ble onewire stm32 bluetooth-low-energy roguemaster custom-firmware cfw
Language:C 5974