Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with penetration-testing

A curated list of projects in awesome lists tagged with penetration-testing .

https://github.com/datalux/osintgram

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

analysis hacking information-gathering instagram instagram-account instagram-api nickname osint osint-python penetration-testing python python3 tool

Last synced: 13 May 2025

https://github.com/Datalux/Osintgram

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

analysis hacking information-gathering instagram instagram-account instagram-api nickname osint osint-python penetration-testing python python3 tool

Last synced: 03 Apr 2025

https://github.com/samratashok/nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

activedirectory hacking infosec nishang penetration-testing powershell red-team redteam security

Last synced: 13 May 2025

https://github.com/greydgl/pentestgpt

A GPT-empowered penetration testing tool

large-language-models llm penetration-testing python

Last synced: 11 May 2025

https://github.com/GreyDGL/PentestGPT

A GPT-empowered penetration testing tool

large-language-models llm penetration-testing python

Last synced: 15 Mar 2025

https://github.com/yogeshojha/rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

bug-bounty bugbounty hacking information-gathering infosec osint penetration-testing pentesting recon recon-engine reconnaissance rengine scanner scanner-web scanning security-tools

Last synced: 05 Apr 2025

https://github.com/owasp/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

application-security appsec best-practices bugbounty guide hacking hacktoberfest owasp penetration-testing pentesting security

Last synced: 26 Mar 2025

https://github.com/OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

application-security appsec best-practices bugbounty guide hacking hacktoberfest owasp penetration-testing pentesting security

Last synced: 30 Mar 2025

https://github.com/mandiant/commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

fireeye-flare penetration-testing red-teaming windows

Last synced: 09 Apr 2025

https://github.com/guardicore/monkey

Infection Monkey - An open-source adversary emulation platform

adversary-emulation infection-monkey penetration-testing security-automation security-tools

Last synced: 12 May 2025

https://github.com/mr-xn/penetration_testing_poc

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp

Last synced: 27 Mar 2025

https://github.com/Mr-xn/Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp

Last synced: 13 Mar 2025

https://github.com/six2dez/reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities

Last synced: 13 May 2025

https://github.com/LyleMi/Learn-Web-Hacking

Study Notes For Web Hacking / Web安全学习笔记

hacking penetration-testing pentesting security study-notes web-hacking

Last synced: 04 Apr 2025

https://github.com/lylemi/learn-web-hacking

Study Notes For Web Hacking / Web安全学习笔记

hacking penetration-testing pentesting security study-notes web-hacking

Last synced: 02 Apr 2025

https://github.com/rhinosecuritylabs/pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

aws aws-security penetration-testing python security

Last synced: 10 Apr 2025

https://github.com/RhinoSecurityLabs/pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

aws aws-security penetration-testing python security

Last synced: 23 Mar 2025

https://github.com/ullaakut/cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

cameras cctv hacking hacking-tool infosec netsec penetration-testing pentesting rtsp security security-tools

Last synced: 14 May 2025

https://github.com/Ullaakut/cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

cameras cctv hacking hacking-tool infosec netsec penetration-testing pentesting rtsp security security-tools

Last synced: 14 Mar 2025

https://github.com/t3l3machus/villain

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools

Last synced: 13 May 2025

https://github.com/zan8in/afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

afrog bug-bounty penetration-testing pentest poc red-teaming vulnerability-scanner vulnerability-scanning-tools

Last synced: 13 May 2025

https://github.com/t3l3machus/Villain

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools

Last synced: 30 Mar 2025

https://github.com/techchipnet/camphish

Grab cam shots & GPS location from target's phone front camera or PC webcam just sending a link.

android-hacking camera-hacking gps gps-location gps-tracking hack hacking kali-linux penetration-testing techchip termux

Last synced: 13 Apr 2025

https://github.com/t3l3machus/hoaxshell

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

hacking open-source penetration-testing pentesting-tools powershell python3 red-teaming reverse-shell

Last synced: 13 May 2025

https://github.com/techchipnet/CamPhish

Grab cam shots from target's phone front camera or PC webcam just sending a link.

android-hacking camera-hacking hack hacking kali-linux penetration-testing techchip termux

Last synced: 11 Jul 2025

https://github.com/jonaslejon/malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

bugbounty bugbounty-tool pdf pdf-generation penetration-test penetration-testing penetrationtesting pentesting pentesting-tools python redteam redteaming scanner

Last synced: 14 May 2025

https://github.com/mgeeky/penetration-testing-tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools

Last synced: 15 May 2025

https://github.com/mgeeky/Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools

Last synced: 30 Mar 2025

https://github.com/opsdisk/the_cyber_plumbers_handbook

Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.

blueteam kali lateral-movement oscp penetration-testing pivoting proxychains redteam socks5 ssh tunneling

Last synced: 24 Mar 2025

https://github.com/gkbrk/slowloris

Low bandwidth DoS tool. Slowloris rewrite in Python.

dos dos-attack penetration-testing pentesting slowloris

Last synced: 14 May 2025

https://github.com/voorivex/pentest-guide

Penetration tests guide based on OWASP including test cases, resources and examples.

bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup

Last synced: 23 Mar 2025

https://github.com/Voorivex/pentest-guide

Penetration tests guide based on OWASP including test cases, resources and examples.

bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup

Last synced: 12 Mar 2025

https://github.com/rewardone/oscprepo

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

oscp penetration-testing pentest reconscan

Last synced: 15 May 2025

https://github.com/rewardone/OSCPRepo

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

oscp penetration-testing pentest reconscan

Last synced: 19 Apr 2025

https://github.com/theporgs/exegol

Fully featured and community-driven hacking environment

ctf docker hacking linux penetration-testing pentesting python

Last synced: 13 May 2025

https://github.com/ThePorgs/Exegol

Fully featured and community-driven hacking environment

ctf docker hacking linux penetration-testing pentesting python

Last synced: 14 Apr 2025

https://github.com/gh0stkey/web-fuzzing-box

Web Fuzzing Box - Web 模糊测试字典与一些Payloads

bugbounty fuzz fuzzing hacking penetration-testing pentesting

Last synced: 26 Mar 2025

https://github.com/OWASP/masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification

Last synced: 18 Jul 2025

https://github.com/codingo/reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

discover-services enumeration hacking hacking-tool kali-linux nmap offensive-security oscp penetration-testing range scanner scanning security security-audit security-scanner security-tools service-enumeration services-discovered snmp virtual-hosts

Last synced: 15 May 2025

https://github.com/codingo/Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

discover-services enumeration hacking hacking-tool kali-linux nmap offensive-security oscp penetration-testing range scanner scanning security security-audit security-scanner security-tools service-enumeration services-discovered snmp virtual-hosts

Last synced: 30 Mar 2025

https://github.com/gh0stkey/Web-Fuzzing-Box

Web Fuzzing Box - Web 模糊测试字典与一些Payloads

bugbounty fuzz fuzzing hacking penetration-testing pentesting

Last synced: 15 May 2025

https://github.com/OWASP/owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification

Last synced: 26 Mar 2025

https://github.com/safebuffer/vulnerable-ad

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

active-directory penetration-testing powershell redteaming vulnerable-activedirectory vulnerable-ad

Last synced: 15 May 2025

https://github.com/WazeHell/vulnerable-AD

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

active-directory penetration-testing powershell redteaming vulnerable-activedirectory vulnerable-ad

Last synced: 02 May 2025

https://github.com/hacking-the-cloud/hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

aws aws-hacking azure cloud cloud-security gcp hacking hacking-cloud penetration-testing

Last synced: 14 May 2025