security-testing

There are 41 repositories under security-testing topic.

• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderacybersecurityhackingmitremitre-attackmitre-corporationred-teamsecurity-automationsecurity-testing
  Language:Python 5213

• jassics / security-study-plan

  Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

  aws-securitystudy-guidestudy-planappsecappsec-tutorialsazure-securitydevsecops-universitygcp-securitypentestingapplication-securitycybersecuritycybersecurity-educationinfosecsecurity-testingstudy-plannerapi-security
  4126

• payloadbox / command-injection-payload-list

  🎯 Command Injection Payload List

  command-injectioninjectionsecurity-vulnerabilityvulnerabilitypayload-listpayloados-injectioncommandosunixlinuxwindowsmacosapplicationapplication-securitybugbountysecuritysecurity-researchvulnerability-researchsecurity-testing
  2672

• opensec-cn / kunpeng

  kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

  proof-of-conceptpoc-librarysecurity-vulnerabilitysecurity-testing
  Language:Go 1647

• wallarm / gotestwaf

  An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

  owaspapi-securitysecuritybugbountysecurity-toolswafweb-application-securityweb-application-firewallsecurity-testinggraphql-securitygrpc-securityrest-security
  Language:Go 1419

• Viralmaniar / Passhunt

  Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

  passworddefault-credentialsdefault-passwordsecuritypentest-toolpenetration-testingsecurity-testingcybersecurity
  Language:Python 1166

• guardrailsio / awesome-python-security

  Awesome Python Security resources 🕶🐍🔐

  awesomeawesome-listpythonsecuritysecurity-testingsecurity-toolsstatic-analysis
  896
• habu

  fportantier / habu

  Hacking Toolkit

  network-analysisnetworkingscapypython3security-toolshackingpenetration-testingpentestingpentestpentest-toolpentesting-networkssecurity-auditsecurity-testingwindowslinux
  Language:Python 858

• akto-api-security / akto

  Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

  api-securityapi-discoveryapi-security-testingapi-testingauthenticationauthorizationdevsecopsidorowasp-top-10securitysecurity-testingsensitive-data-exposurethreat-detectionhacktoberfesthacktoberfest2023devsecops-pipeline
  Language:Java 839

• bl4de / security-tools

  My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

  pentestinghackingpythonbugbountyitsecurityctfctf-toolsinfosecwebappsecscannersecurity-toolssecurity-testingbug-bountybug-bountiesstatic-analysis
  Language:Python 764
• secureCodeBox

  secureCodeBox / secureCodeBox

  secureCodeBox (SCB) - continuous secure delivery out of the box

  devsecopshacktoberfestkuberneteskubernetes-operatorowaspowasp-zapsecurecodeboxsecuritysecurity-automationsecurity-testingsecurity-tools
  Language:JavaScript 726

• CaringCaribou / caringcaribou

  A friendly car security exploration tool for the CAN bus

  pythoncan-bussecurity-scannersecurity-testingfuzzingxcpecu
  Language:Python 676

• Anof-cyber / Application-Security

  Resources for Application Security including Web, API, Android, iOS and Thick Client

  androidapplication-securityappsecbugbountycybersecurityhackinginfosecpenetration-testingpenetration-testing-notespentestingsecuritysecurity-testing
  634

• B3nac / InjuredAndroid

  A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

  androidandroid-studiosecurity-testingandroid-securitywebviewbug-bountypentestingflutterflutter-securityflutter-xssctfapkvulnerabilitieskotlinkotlin-android
  Language:Kotlin 633

• Marshall-Hallenbeck / red_team_attack_lab

  Red Team Attack Lab for TTP testing & research

  pentestingredteamvagrantansiblepenetration-testinghackingred-teamsecuritylabsecurity-toolsinfosecsecurity-testing
  Language:PowerShell 529

• shodansploit / shodansploit

  🔎 shodansploit > v1.3.0

  shodanshodan-apishodan-clishodan-scriptsshodan-toolshodan-toolsshodan-clientshodan-pythonpython-shodansecuritysecurity-toolssecurity-testingintelligencepython-scriptshodansploitsecurity-researchsecurity-scannersecurity-automation
  Language:Python 515

• guardrailsio / awesome-dotnet-security

  Awesome .NET Security Resources

  awesomeawesome-listdotnetdotnet-coredotnet-frameworksecuritysecurity-testingsecurity-toolsstatic-analysis
  498

• pyhackertarget / hackertarget

  🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

  hackertargetsecuritysecurity-toolssecurity-testingzone-transferstraceroutepingping-testreverse-dnsreverse-dns-lookupswhois-lookupreverse-ip-lookupsubnet-lookuphttp-header-checkextract-linksextract-pagesdnsip-location-lookupsecurity-tool
  Language:Python 470

• enkomio / Taipan

  Web application vulnerability scanner

  security-toolssecurity-scannersecurity-automationweb-securityapplication-securitysecuritysecurity-auditsecurity-testinghacking-tooltaipanhackingwebweb-applicationweb-sec-scannerweb-security-research
  454

• rust-fuzz / honggfuzz-rs

  Fuzz your Rust code with Google-developed Honggfuzz !

  fuzzfuzzerhonggfuzzrustfuzzingfuzz-testingsecuritysecurity-toolssecurity-testingcratesrust-fuzzsanitizer
  Language:Rust 441
• nerve

  PaytmLabs / nerve

  NERVE Continuous Vulnerability Scanner

  securitysecurity-toolssecurity-testingvulnerability-scannersvulnerability-assessmentvulnerability-detection
  Language:Python 437

• flipkart-incubator / watchdog

  Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

  security-toolssecuritysecurity-vulnerabilitysecurity-testingvulnerability-managementvulnerability-assessmentpentest-toolpenetration-testing-frameworkcve-databasescve-searchapplication-securitynetwork-securityproduct-securitybugbounty
  Language:Python 407

• security-cheatsheet / metasploit-cheat-sheet

  Metasploit Cheat Sheet 💣

  metasploitmetasploit-frameworkmetasploit-cheat-sheetsecuritysecurity-cheat-sheetsexploitmetasploit-framework-databasemetasploit-databaseexploitation-frameworksecurity-researchsecurity-testingrapid7meterpretermsfvenompayload
  372

• akenofu / OSCP-Cheat-Sheet

  This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

  cybersecurityoscposcp-guideoscp-journeyoscp-preposcp-toolsoscp5pentestpentestingreadteamingsecuritysecurity-testing
  358

• aktsk / apk-medit

  memory search and patch tool on debuggable apk without root & ndk

  androidandroid-securitysecurity-testingmobile-security-testingmobile-app-securitysecurity-toolsblackhatarsenal
  Language:Go 348

• vectra-ai-research / MAAD-AF

  MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

  adversary-emulationmicrosoftmicrosoft-azure-securitypowershellsecuritycloud-securitymitrered-teamsecurity-testingazureadcloud-administrationmicrosoft365identity-access-managementmicrosoft-graphttpentra-id
  Language:PowerShell 335

• krabelize / icmpdoor

  ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)

  scapyicmp-tunnelreverse-shellicmp-reversehacking-toolsecurity-testingfirewall-bypass
  Language:Python 304
• embark

  e-m-b-a / embark

  EMBArk - The firmware security scanning environment

  linuxiotsecurityfirmwarehackingembedded-systemspenetration-testingembedded-linuxsecurity-toolspentestingvulnerability-scannerssecurity-automationfirmware-toolsfirmware-analysisscannerdata-analysisdjangosecurity-scannersecurity-testingubuntu-server
  Language:Python 296

• guardrailsio / awesome-java-security

  Awesome Java Security Resources 🕶☕🔐

  awesomeawesome-listjavasecuritysecurity-testingsecurity-toolsstatic-analysis
  293

• security-checklist / php-security-check-list

  PHP Security Check List [ EN ] 🌋 ☣️

  phpphp-libraryphp-frameworksecuritysecurity-auditchecklistsecurity-checklistphp-securityphp-security-checkerwebapplicationweb-application-securitybugbountysecurity-researchsecurity-researcherweb-applicationweb-application-frameworksecurity-testing
  292

• jjf012 / gopoc

  用cel-go重现了长亭xray的poc检测功能的轮子

  vulnerability-scannerpocproof-of-conceptsecurity-testing
  Language:Go 288

• redcanaryco / chain-reactor

  Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

  adversary-simulationelflinuxmitremitre-attacksecuritysecurity-testing
  Language:C 285

• mercedes-benz / sechub

  SecHub provides a central API to test software with different security tools.

  securityorchestrationapiclientserversecdevopssecurity-toolsvulnerability-scannerssecurity-scannerdastsastappseccontinuous-integrationrestbuildk8ssechubsdlcsecurity-automationsecurity-testing
  Language:Java 248
• MacOS-DuckyScripts

  narstybits / MacOS-DuckyScripts

  Presenting a wide range of more than 100 powerful BadUSB scripts exclusively designed for Mac OS & the Flipper Zero device. As the sole curator and maintainer of this repository. Your utilization of these scripts is highly valued, and I sincerely appreciate your support and enthusiasm!

  badusbbadusb-payloadsbash-scriptducky-payloadsduckyscriptflipperflipper-zeroflipperzeropentestingsecurity-testing
  242

• tprynn / web-methodology

  Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki

  websecurityweb-applicationweb-application-securityapplication-securityappsecsecurity-testingdocumentation
  200

• trailofbits / siderophile

  Find the ideal fuzz targets in a Rust codebase

  rustfuzzingprogram-analysissecurity-testing
  Language:Rust 194