security-testing

There are 47 repositories under security-testing topic.

caldera
mitre / caldera
Automated Adversary Emulation Platform
adversary-emulation caldera cybersecurity hacking hacktoberfest mitre mitre-attack mitre-corporation red-team security-automation security-testing
Language:Python 6529
jassics / security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
api-security application-security appsec appsec-tutorials aws-security azure-security cybersecurity cybersecurity-education devsecops-university gcp-security infosec pentesting security-testing study-guide study-plan study-planner
4747
payloadbox / command-injection-payload-list
🎯 Command Injection Payload List
command-injection injection security-vulnerability vulnerability payload-list payload os-injection command os unix linux windows macos application application-security bugbounty security security-research vulnerability-research security-testing
3610
wallarm / gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
owasp api-security security bugbounty security-tools waf web-application-security web-application-firewall security-testing graphql-security grpc-security rest-security
Language:Go 1728
opensec-cn / kunpeng
kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。
proof-of-concept poc-library security-vulnerability security-testing
Language:Go 1673
akto-api-security / akto
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
api-security api-discovery api-security-testing api-testing authentication authorization devsecops idor owasp-top-10 security security-testing sensitive-data-exposure threat-detection hacktoberfest hacktoberfest2023 devsecops-pipeline api-security-posture
Language:Java 1398
Viralmaniar / Passhunt
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
password default-credentials default-password security pentest-tool penetration-testing security-testing cybersecurity
Language:Python 1295
guardrailsio / awesome-python-security
Awesome Python Security resources 🕶🐍🔐
python security security-testing awesome-list security-tools awesome static-analysis
946
habu
fportantier / habu
Hacking Toolkit
network-analysis networking scapy python3 security-tools hacking penetration-testing pentesting pentest pentest-tool pentesting-networks security-audit security-testing windows linux
Language:Python 940
secureCodeBox
secureCodeBox / secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
devsecops hacktoberfest kubernetes kubernetes-operator owasp securecodebox security security-automation security-testing security-tools zaproxy
Language:JavaScript 918
bl4de / security-tools
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
pentesting hacking python bugbounty itsecurity ctf ctf-tools infosec webappsec scanner security-tools security-testing bug-bounty bug-bounties static-analysis
Language:Python 901
CaringCaribou / caringcaribou
A friendly car security exploration tool for the CAN bus
python can-bus security-scanner security-testing fuzzing xcp ecu
Language:Python 858
pentagi
vxcontrol / pentagi
✨ Fully autonomous AI Agents system capable of performing complex penetration testing tasks
ai-agents ai-security-tool anthropic autonomous-agents golang gpt graphql multi-agent-system offensive-security open-source openai penetration-testing penetration-testing-tools react security-automation security-testing security-tools self-hosted
Language:Go 799
B3nac / InjuredAndroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
android android-studio security-testing android-security webview bug-bounty pentesting flutter flutter-security flutter-xss ctf apk vulnerabilities kotlin kotlin-android
Language:Kotlin 723
Anof-cyber / Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
android application-security appsec bugbounty cybersecurity hacking infosec penetration-testing penetration-testing-notes pentesting security security-testing
686
Marshall-Hallenbeck / red_team_attack_lab
Red Team Attack Lab for TTP testing & research
pentesting redteam vagrant ansible penetration-testing hacking red-team security lab security-tools infosec security-testing
Language:PowerShell 580
shodansploit / shodansploit
🔎 shodansploit > v1.3.0
shodan shodan-api shodan-cli shodan-scripts shodan-tool shodan-tools shodan-client shodan-python python-shodan security security-tools security-testing intelligence python-script shodansploit security-research security-scanner security-automation
Language:Python 536
guardrailsio / awesome-dotnet-security
Awesome .NET Security Resources
dotnet dotnet-core dotnet-framework security security-tools static-analysis security-testing awesome awesome-list
519
pyhackertarget / hackertarget
🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
hackertarget security security-tools security-testing zone-transfers traceroute ping ping-test reverse-dns reverse-dns-lookups whois-lookup reverse-ip-lookup subnet-lookup http-header-check extract-links extract-pages dns ip-location-lookup security-tool
Language:Python 510
rust-fuzz / honggfuzz-rs
Fuzz your Rust code with Google-developed Honggfuzz !
fuzz fuzzer honggfuzz rust fuzzing fuzz-testing security security-tools security-testing crates rust-fuzz sanitizer
Language:Rust 492
cyproxio / mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.
ai-assistants ai-security cybersecurity hacking-tools mcp model-context-protocol pentesting security-automation security-testing security-tools web-security security-integrations mcp-pentest mcp-security mcp-ai
Language:TypeScript 468
enkomio / Taipan
Web application vulnerability scanner
security-tools security-scanner security-automation web-security application-security security security-audit security-testing hacking-tool taipan hacking web web-application web-sec-scanner web-security-research
464
nerve
PaytmLabs / nerve
NERVE Continuous Vulnerability Scanner
security security-tools security-testing vulnerability-scanners vulnerability-assessment vulnerability-detection
Language:Python 457
security-cheatsheet / metasploit-cheat-sheet
Metasploit Cheat Sheet 💣
metasploit metasploit-framework metasploit-cheat-sheet security security-cheat-sheets exploit metasploit-framework-database metasploit-database exploitation-framework security-research security-testing rapid7 meterpreter msfvenom payload
457
MacOS-DuckyScripts
narstybits / MacOS-DuckyScripts
Presenting a wide range of more than 100 powerful BadUSB scripts exclusively designed for Mac OS & the Flipper Zero device. As the sole curator and maintainer of this repository. Your utilization of these scripts is highly valued, and I sincerely appreciate your support and enthusiasm!
badusb badusb-payloads bash-script ducky-payloads duckyscript flipper flipper-zero flipperzero pentesting security-testing
437
flipkart-incubator / watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
security-tools security security-vulnerability security-testing vulnerability-management vulnerability-assessment pentest-tool penetration-testing-framework cve-databases cve-search application-security network-security product-security bugbounty
Language:Python 421
vectra-ai-research / MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
adversary-emulation microsoft microsoft-azure-security powershell security cloud-security mitre red-team security-testing azuread cloud-administration microsoft365 identity-access-management microsoft-graph ttp entra-id
Language:PowerShell 407
sterrasec / apk-medit
memory search and patch tool on debuggable apk without root & ndk
android android-security security-testing mobile-security-testing mobile-app-security security-tools blackhat arsenal
Language:Go 405
krabelize / icmpdoor
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)
scapy icmp-tunnel reverse-shell icmp-reverse hacking-tool security-testing firewall-bypass
Language:Python 374
akenofu / OSCP-Cheat-Sheet
This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
oscp oscp-prep oscp-guide oscp-tools oscp-journey oscp5 security security-testing pentesting pentest readteaming cybersecurity
366
embark
e-m-b-a / embark
EMBArk - The firmware security scanning environment
data-analysis django embedded-linux embedded-systems firmware firmware-analysis firmware-tools hacking iot linux penetration-testing pentesting scanner security security-automation security-scanner security-testing security-tools ubuntu-server vulnerability-scanners
Language:Python 365
mercedes-benz / sechub
SecHub provides a central API to test software with different security tools.
security orchestration api client server secdevops security-tools vulnerability-scanners security-scanner dast sast appsec continuous-integration rest build k8s sechub sdlc security-automation security-testing
Language:Java 347
redcanaryco / chain-reactor
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
linux mitre mitre-attack adversary-simulation elf security security-testing
Language:C 322
vectra-ai-research / Halberd
Halberd : Multi-Cloud Agentic Attack Tool
aws azuread blueteam-tools entra-id m365 microsoft mitre-attack offensive-security redteam redteam-tools security-testing security-tools ttp cloud-security azure gcp
Language:Python 321
guardrailsio / awesome-java-security
Awesome Java Security Resources 🕶☕🔐
java security awesome-list security-tools static-analysis security-testing awesome
311
security-checklist / php-security-check-list
PHP Security Check List [ EN ] 🌋 ☣️
php php-library php-framework security security-audit checklist security-checklist php-security php-security-checker webapplication web-application-security bugbounty security-research security-researcher web-application web-application-framework security-testing
296

security-testing

mitre / caldera

jassics / security-study-plan

payloadbox / command-injection-payload-list

wallarm / gotestwaf

opensec-cn / kunpeng

akto-api-security / akto

Viralmaniar / Passhunt

guardrailsio / awesome-python-security

fportantier / habu

secureCodeBox / secureCodeBox

bl4de / security-tools

CaringCaribou / caringcaribou

vxcontrol / pentagi

B3nac / InjuredAndroid

Anof-cyber / Application-Security

Marshall-Hallenbeck / red_team_attack_lab

shodansploit / shodansploit

guardrailsio / awesome-dotnet-security

pyhackertarget / hackertarget

rust-fuzz / honggfuzz-rs

cyproxio / mcp-for-security

enkomio / Taipan

PaytmLabs / nerve

security-cheatsheet / metasploit-cheat-sheet

narstybits / MacOS-DuckyScripts

flipkart-incubator / watchdog

vectra-ai-research / MAAD-AF

sterrasec / apk-medit

krabelize / icmpdoor

akenofu / OSCP-Cheat-Sheet

e-m-b-a / embark

mercedes-benz / sechub

redcanaryco / chain-reactor

vectra-ai-research / Halberd

guardrailsio / awesome-java-security

security-checklist / php-security-check-list