Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/samratashok/nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

activedirectory hacking infosec nishang penetration-testing powershell red-team redteam security

Last synced: 31 Jul 2024

https://github.com/yogeshojha/rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

bug-bounty bugbounty hacking information-gathering infosec osint penetration-testing pentesting recon recon-engine reconnaissance rengine scanner scanner-web scanning security-tools

Last synced: 31 Jul 2024

https://github.com/OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

application-security appsec best-practices bugbounty guide hacking hacktoberfest owasp penetration-testing pentesting security

Last synced: 01 Aug 2024

https://github.com/mandiant/commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

fireeye-flare penetration-testing red-teaming windows

Last synced: 01 Aug 2024

https://github.com/GreyDGL/PentestGPT

A GPT-empowered penetration testing tool

large-language-models llm penetration-testing python

Last synced: 30 Jul 2024

https://github.com/guardicore/monkey

Infection Monkey - An open-source adversary emulation platform

adversary-emulation infection-monkey penetration-testing security-automation security-tools

Last synced: 31 Jul 2024

https://github.com/Mr-xn/Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp

Last synced: 30 Jul 2024

https://github.com/six2dez/reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities

Last synced: 31 Jul 2024

https://github.com/RhinoSecurityLabs/pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

aws aws-security penetration-testing python security

Last synced: 31 Jul 2024

https://github.com/Ullaakut/cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

cameras cctv hacking hacking-tool infosec netsec penetration-testing pentesting rtsp security security-tools

Last synced: 30 Jul 2024

https://github.com/t3l3machus/Villain

Villain is a high level stage 0/1 C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools

Last synced: 01 Aug 2024

https://github.com/jonaslejon/malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

bugbounty bugbounty-tool pdf pdf-generation penetration-test penetration-testing penetrationtesting pentesting pentesting-tools python redteam redteaming scanner

Last synced: 01 Aug 2024

https://github.com/opsdisk/the_cyber_plumbers_handbook

Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.

blueteam kali lateral-movement oscp penetration-testing pivoting proxychains redteam socks5 ssh tunneling

Last synced: 01 Aug 2024

https://github.com/mgeeky/Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools

Last synced: 01 Aug 2024

https://github.com/gkbrk/slowloris

Low bandwidth DoS tool. Slowloris rewrite in Python.

dos dos-attack penetration-testing pentesting slowloris

Last synced: 31 Jul 2024

https://github.com/codingo/Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

discover-services enumeration hacking hacking-tool kali-linux nmap offensive-security oscp penetration-testing range scanner scanning security security-audit security-scanner security-tools service-enumeration services-discovered snmp virtual-hosts

Last synced: 01 Aug 2024

https://github.com/OWASP/owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification

Last synced: 31 Jul 2024

https://github.com/jeffzh3ng/fuxi

Penetration Testing Platform

penetration-testing pentest-tool security vulnerability

Last synced: 01 Aug 2024

https://github.com/zidansec/CloudPeler

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.

bypass-cloudflare bypass-hostname bypass-waf cloudflare crimeflare crimeflare-next-generation crimepeler dns-security exploit hack-tool information-gathering osint-tool penetration-testing pentest-tool security-tools

Last synced: 31 Jul 2024

https://github.com/webpwnized/mutillidae

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

10 application appsec cybersecurity owasp owasp-top-10 penetration-testing security top training web

Last synced: 31 Jul 2024

https://github.com/initstring/linkedin2username

OSINT Tool: Generate username lists for companies on LinkedIn

hacking osint penetration-testing pentesting

Last synced: 31 Jul 2024

https://github.com/codingo/VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

bugbounty ctf-tools discovery-service hacking hacking-tool hackthebox offensive-security oscp penetration-test penetration-testing reverse-lookups scanner security security-audit security-tools vhost vhosts virtual-host virtual-hosts web-application-security

Last synced: 01 Aug 2024

https://github.com/Screetsec/Brutal

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

arduino arduino-library badusb hacker hacking payload penetration penetration-testing powershell-attack rubberducky teensy usb

Last synced: 31 Jul 2024

https://github.com/sh4hin/Androl4b

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

android application-security malware-analyzer mobile-security penetration-testing reverse-engineering

Last synced: 24 Apr 2024

https://github.com/Viralmaniar/Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

backdoor fud hacking hacking-tool penetration-testing pentesting powershell rat redteaming remoteaccess trojan trojan-rat

Last synced: 30 Jul 2024

https://github.com/M4cs/BabySploit

:baby: BabySploit Beginner Pentesting Toolkit/Framework Written in Python :snake:

beginner beginner-friendly ethical-hacking kali penetration-testing penetration-testing-framework pentest-tool pentesting python3 toolkit tools

Last synced: 31 Jul 2024

https://github.com/wireghoul/dotdotpwn

DotDotPwn - The Directory Traversal Fuzzer

fuzzer penetration-testing perl security traversal

Last synced: 31 Jul 2024

https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

application-security aws-security azure-security free opensource penetration-testing pentesting

Last synced: 31 Jul 2024

https://github.com/maldevel/PenTestKit

Tools, scripts and tips useful during Penetration Testing engagements.

assessment hacking kali-linux network notes penetration-testing pentesting scripts security system tools web

Last synced: 30 Jul 2024

https://github.com/shenril/Sitadel

Web Application Security Scanner

penetration-testing python3 scanner-web security

Last synced: 01 Aug 2024

https://github.com/dmdhrumilmistry/pyhtools

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

apihacking dmdhrumilmistry hacking hacking-tool hacking-tools hackingwithpython malware-development penetration-testing python python3 ransomware remoteaccess telegram-hack web-hac web-security

Last synced: 31 Jul 2024

https://github.com/gellin/TeamViewer_Permissions_Hook_V1

A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.

cplusplus cpp dll-injection hooking memory-hacking penetration-testing security teamviewer x86

Last synced: 30 Jul 2024

https://github.com/C0reL0ader/EaST

Exploits and Security Tools Framework 2.0.1

east-framework exploits offensive-security penetration-testing python

Last synced: 30 Jul 2024

https://github.com/4shadoww/hakkuframework

Hakku Framework penetration testing

linux penetration-testing python

Last synced: 31 Jul 2024

https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

android ios mobile-security penetration-testing

Last synced: 31 Jul 2024

https://github.com/tokyoneon/CredPhish

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

amsi antivirus-evasion backdoor bypass-antivirus c2 dns dns-server exfiltration information-security kali kali-linux kali-scripts offensive-security penetration-testing reverse-shell shell social-engineering

Last synced: 30 Jul 2024

https://github.com/Viralmaniar/Wifi-Dumper

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

cleartext-password internal-infrastructure-engagements penetration-testing wifi-dumper wifi-testing wireless-network wireless-profiles

Last synced: 31 Jul 2024

https://github.com/enemy-submarine/pidrila

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

appsec bug-bounty dirbuster hacking netstalking penetration-testing pentest pentesting python scanner scanner-web security

Last synced: 31 Jul 2024

https://github.com/go-outside-labs/sec-pentesting-toolkit

👾 𝘁𝗼𝗼𝗹𝘀 𝗳𝗼𝗿 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵𝗲𝗿𝘀: 𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴, 𝗖𝗧𝗙𝘀 & 𝘄𝗮𝗿𝗴𝗮𝗺𝗲𝘀

botnets cryptography ctf forensics gray-hacker-resources hacking infosec iocs linux malwares network penetration-testing pentesting post-exploitation reverse-engineering rubber-ducky steganography vulnerabilities wargame web-security

Last synced: 31 Jul 2024

https://github.com/WazeHell/metateta

Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit

automation enumeration exploitation metasploit metasploit-framework network-security penetration-testing pentesting scanning smb

Last synced: 30 Jul 2024

https://github.com/JacobMisirian/DblTekGoIPPwn

Tool to check if an IP of a DblTek GoIP is vulnerable to a challenge-response login system, send SMS messages from the system, execute remote commands botnet style, and generate responses to challenges.

challenge-response dbltek-goip gsm gsm-modem hacking-tool penetration-testing sms sms-gateway telnet voip vulnerability

Last synced: 31 Jul 2024

https://github.com/redherd-project/redherd-framework

RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets.

adversarial-simulation cyberspace-operations ethical-hacking orchestration penetration-testing red-teaming

Last synced: 31 Jul 2024

https://github.com/RiccardoAncarani/python_offensive_scripts

A collection of Python scripts to automate/help during a pentest

penetration-testing python security-tools

Last synced: 31 Jul 2024

https://github.com/sh4hin/androl4b

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

android application-security malware-analyzer mobile-security penetration-testing reverse-engineering

Last synced: 30 Jul 2024