Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with pentesting-tools

A curated list of projects in awesome lists tagged with pentesting-tools .

https://github.com/0x4m4/hexstrike-ai

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities.

0x4m4 ai ai-agents ai-cybersecurity ai-hacking ai-penetration-testing ai-security-tool artificial-intelligence ctf-tools generative-ai hexstrike kali-linux kali-tools llm llm-integration mcp mcp-server mcp-tools pentesting pentesting-tools

Last synced: 21 Jan 2026

https://github.com/jonaslejon/malicious-pdf

💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh

bugbounty bugbounty-tool pdf pdf-generation penetration-test penetration-testing penetrationtesting pentesting pentesting-tools python redteam redteaming scanner

Last synced: 20 Apr 2026

https://github.com/ed1s0nz/cyberstrikeai

CyberStrikeAI is an AI-native security testing platform built in Go. It integrates 100+ security tools, an intelligent orchestration engine, role-based testing with predefined security roles, a skills system with specialized testing skills, and comprehensive lifecycle management capabilities.

ai ai-agents ai-cybersecurity ai-hacking ai-penetration-testing ai-security-tool ctf-tools mcp pentesting-tools

Last synced: 06 May 2026

https://github.com/t3l3machus/hoaxshell

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

hacking open-source penetration-testing pentesting-tools powershell python3 red-teaming reverse-shell

Last synced: 13 May 2025

https://github.com/arch3rpro/pentest-windows

矛·盾 武器库 - Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境

pentesting pentesting-tools pentesting-windows security security-tools

Last synced: 14 May 2025

https://github.com/arch3rPro/Pentest-Windows

Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境

pentesting pentesting-tools pentesting-windows security security-tools

Last synced: 05 Apr 2025

https://github.com/harsh-bothra/learn365

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities

Last synced: 02 Feb 2026

https://github.com/wangyihang/platypus

:hammer: A modern multiple reverse shell sessions manager written in go

attack-defense ctf pentesting pentesting-tools red-team reverse-shell reverse-shell-as-a-service

Last synced: 14 May 2025

https://github.com/WangYihang/Platypus

:hammer: A modern multiple reverse shell sessions manager written in go

attack-defense ctf pentesting pentesting-tools red-team reverse-shell reverse-shell-as-a-service

Last synced: 30 Mar 2025

https://github.com/bishopfox/eyeballer

Convolutional neural network for analyzing pentest screenshots

ai machine-learning pentesting-tools python security-tools tensorflow

Last synced: 07 Apr 2025

https://github.com/0xlane/wechat-dump-rs

该工具用于导出正在运行中的微信进程的 key 并自动解密所有微信数据库文件以及导出 key 后数据库文件离线解密。

pentesting pentesting-tools red-team-tools redteam rust wechat windows

Last synced: 14 May 2025

https://github.com/noobpk/frida-ios-hook

A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform

frida frida-ios-hook hooking ios pentest pentesting-tools reverse-engineering script-loader trace

Last synced: 05 Feb 2026

https://github.com/BishopFox/eyeballer

Convolutional neural network for analyzing pentest screenshots

ai machine-learning pentesting-tools python security-tools tensorflow

Last synced: 25 Mar 2025

https://github.com/MrTuxx/SocialPwned

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed and obtain Google account information via GHunt.

dehashed ghunt hacking haveibeenpwned instagram instagram-api linkedin-api osint pentesting-tools pwndb social-engineering twint

Last synced: 06 Aug 2025

https://github.com/APTRS/APTRS

Automated pentest reporting with custom Word templates, project tracking, and client management tools. Streamline your security workflows effortlessly!

aptrs django django-rest-framework infosec penetration-testing pentest pentest-report pentesting pentesting-tools python reactjs report-generator security security-automation typescipt vitejs

Last synced: 15 May 2025

https://github.com/arget13/DDexec

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

evasion linux pentesting pentesting-tools

Last synced: 05 Apr 2025

https://github.com/Syslifters/OffSec-Reporting

Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool

lab-report offensive-security offsec oscp oscp-tools osed osee osep oswa oswe oswp penetration-testing pentest-report pentesting-tools red-teaming reporting reporting-tool security-tools

Last synced: 29 Apr 2025

https://github.com/0xZDH/o365spray

Username enumeration and password spraying tool aimed at Microsoft O365.

enumeration password-spray pentest pentesting-tools python python3 security security-tools

Last synced: 12 May 2025

https://github.com/eonraider/packet-sniffer

A Network Packet Sniffing tool developed in Python 3.

ethical-hacking network-programming packet-sniffer pentesting-tools tcp-ip

Last synced: 16 May 2025

https://github.com/aaaguirrep/offensive-docker

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

bug-bounty bugbounty ctf-tools hacking hacking-tools htb pentest pentesting pentesting-tools

Last synced: 12 Jan 2026

https://github.com/EONRaider/Packet-Sniffer

A Network Packet Sniffing tool developed in Python 3.

ethical-hacking network-programming packet-sniffer pentesting-tools tcp-ip

Last synced: 22 Apr 2025

https://github.com/momenbasel/keyFinder

Keyfinder🔑 is a tool that let you find keys while surfing the web!

chrome-extension js pentesting pentesting-tools security

Last synced: 10 May 2025

https://github.com/momenbasel/keyfinder

Keyfinder🔑 is a tool that let you find keys while surfing the web!

chrome-extension js pentesting pentesting-tools security

Last synced: 05 Apr 2025

https://github.com/dr34mhacks/jwtauditor

JWT Auditor – Analyze, break, and understand your tokens like a pro.

jwt jwt-auth jwt-hacking jwt-token pentesting-tools

Last synced: 30 Apr 2026

https://github.com/tegal1337/NekoBotV1

NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell

auto-exploiter exploit pentesting-tools

Last synced: 16 May 2026

https://github.com/enomothem/Whoamifuck

用于Linux应急响应,快速排查异常用户登录情况和入侵信息排查,准确定位溯源时间线,高效辅助还原攻击链。

anti-virus blueteam emergency-response eonian-sharp incedence incedence-response ir linux linux-ir pentesting-tools pentration-testing redteam shell

Last synced: 12 Jul 2025

https://github.com/fabaff/nix-security-box

Tool set for Information security professionals and all others

nix nixos nixpkgs offensive offensive-security pentest pentest-tool pentesting pentesting-tools security-tools

Last synced: 04 Apr 2025

https://github.com/infamoussyn/rogue

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

evil-twin hostapd penetration-testing pentest-tool pentesting pentesting-tools wireless wireless-security

Last synced: 02 Apr 2025

https://github.com/InfamousSYN/rogue

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

evil-twin hostapd penetration-testing pentest-tool pentesting pentesting-tools wireless wireless-security

Last synced: 16 Jul 2025

https://github.com/nccgroup/gtfoblookup

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).

gtfobins hijacklibs lolbas pentesting pentesting-tools privesc python redteam wadcoms

Last synced: 07 Apr 2025

https://github.com/kh4sh3i/ICS-Pentesting-Tools

A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing

ics ics-security pentest-tool pentesting pentesting-tools scada scada-exploitation scada-framework scada-security

Last synced: 07 May 2025

https://github.com/tralahm/blackhat-go

As hackers, we put a premium on function over elegance as time is always scarce. When you need to quickly create a solution to a problem, style concerns come secondary.

blackhat dns-server go golang linux pentesting-tools tcp-server windows

Last synced: 09 Apr 2025

https://github.com/rb-x/pwnflow

A visual methodology tracking platform tailored for offensive security assessments

mindmap pentest pentesting-tools redteam redteaming-tools security-tools selfhosted vizualisation web

Last synced: 01 Mar 2026

https://github.com/oooindefatigable/BadUSB-GPT

This repo houses Rubber Ducky scripts integrated with OpenAI's GPT. Designed for ethical hackers and researchers, it merges quick Ducky executions with GPT's intelligence. Always use responsibly and with proper permissions.

ai-powered-scripts ducky-ai-integration ducky-scripts openai pentesting-tools rubber-ducky security

Last synced: 05 Sep 2025

https://github.com/shivamrai2003/reconky-automated_bash_script

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

automated-testing bash-script bugbounty bugbounty-tool bugbounty-tools enumeration exploitation hacking hacking-code nmap osint penetration-testing pentesting-tools recon recon-tools reconnaissance

Last synced: 08 May 2025

https://github.com/nescau-ufla/fuzzingtool

Software for fuzzing, used on web application pentestings.

bruteforce fuzzer fuzzing pentesting-tools python3 web web-fuzzer

Last synced: 05 Apr 2025

https://github.com/n0mi1k/pmkidcracker

A tool to crack WPA2 passphrase with PMKID value without clients or de-authentication

pentesting-tools pmkid pmkid-attack redteam-tools wifi-hacking wifi-password wifi-security wpa2-cracker wpa2-cracking

Last synced: 18 Jul 2025

https://github.com/IOActive/laf

This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.

framework lora lorawan pentesting-tools python radio-frequency-communication security-testing

Last synced: 11 Feb 2026

https://github.com/t3l3machus/wwwtree

A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.

hacking hacking-tools offensive-security pentest pentesting-tools redteam redteam-tools

Last synced: 07 May 2025

https://github.com/iknowjason/edge

Whois for the Cloud: Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.

bugbounty pentesting pentesting-tools redteam-tools

Last synced: 12 Jan 2026

https://github.com/DrPython3/MailRipV2

Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.

checker cracker pentest pentest-tool pentesting pentesting-tools python-script python3 security-audit smtp smtp-checker smtp-cracker smtplib

Last synced: 12 Jul 2025

https://github.com/xer0times/SQLi-Query-Tampering

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

bug-bounty bugbounty bughunting burp-extensions burp-plugin burpsuite burpsuite-pro evasion payload-generator pentesting pentesting-tools sqli sqlinjection

Last synced: 07 Sep 2025

https://github.com/RossGeerlings/webstor

WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.

attack-surface bugbounty bugbounty-tool cybersecurity footprinting information-gathering infosec pentest-scripts pentest-tools pentesting pentesting-tools recon reconnaissance security security-tools

Last synced: 12 Jul 2025

https://github.com/01rabbit/PAKURI

PAKURI has been merged with Python and launched as a new project, PAKURI-THON.

arsenal exploitation faraday kali metasploit openvas penetration-testing pentest-tool pentesting-tools scanning vulnerabilities

Last synced: 12 Jul 2025

https://github.com/zh54321/pocentradevicecompliancebypass

Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy

entra entraid pentesting pentesting-tools poc powershell redteaming

Last synced: 16 Sep 2025

https://github.com/anof-cyber/paraforge

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing

bug-bounty bugbounty burp-extensions burpsuite cybersecurity pentesting pentesting-tools python

Last synced: 07 Apr 2025

https://github.com/Anof-cyber/ParaForge

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing

bug-bounty bugbounty burp-extensions burpsuite cybersecurity pentesting pentesting-tools python

Last synced: 13 May 2025

https://github.com/cytopia/smtp-user-enum

SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.

cytopia-sec enumeration penetration-testing pentest pentest-tool pentesting pentesting-python pentesting-tools smtp smtp-server smtp-user-enumeration user-enumeration

Last synced: 06 Apr 2025

https://github.com/0xZDH/Omnispray

Modular Enumeration and Password Spraying Framework

enumeration password-spray pentesting-tools python3 security-tools

Last synced: 26 Apr 2026

https://github.com/mytechnotalent/turbo-attack

A turbo traffic generator pentesting tool to generate random traffic with random MAC and IP addresses in addition to random sequence numbers to a particular IP and port.

cyber-security cyberattack cybersecurity ddos ddos-attacks ddos-tool go golang hack hacking hacking-tool hacking-tools penetration-testing pentest pentest-tool pentesting pentesting-tools redteam redteam-tools redteaming

Last synced: 29 Aug 2025

https://github.com/zh54321/entratokenaid

A pure PowerShell solution for Entra OAuth authentication, enabling easy retrieval of access and refresh tokens

azure entra entra-id oauth2-client pentesting pentesting-tools

Last synced: 27 Jan 2026

https://github.com/Anof-cyber/Androset

Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite.

android-pentesting burpsuite pentesting pentesting-tools python security-tools

Last synced: 13 Apr 2025

https://github.com/anof-cyber/androset

Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite.

android-pentesting burpsuite pentesting pentesting-tools python security-tools

Last synced: 25 Aug 2025

https://github.com/choupit0/MassVulScan

A fast network scanning tool to detect open ports and security vulnerabilities

debian htb masscan nmap pentest pentesting-tools scanner security-tools vulners

Last synced: 27 Sep 2025

https://github.com/ice-wzl/hacknetics

Contained is all my reference material for my OSCP / Red Teaming. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.

bash-script batch-script educational linux linux-shell oscp oscp-guide oscp-journey pentest-scripts pentesting pentesting-networks pentesting-tools pentesting-windows powershell python3 redteaming vbscript

Last synced: 24 Oct 2025

https://github.com/Kibouo/rustpad

Multi-threaded Padding Oracle attacks against any service. Written in Rust.

cli cryptography infosec padding-oracle-attacks pentesting pentesting-tools rust tui web

Last synced: 12 Jul 2025

https://github.com/EncodeGroup/Gopher

C# tool to discover low hanging fruits

low-hanging-fruits offensive-security pentesting-tools redteam

Last synced: 11 Jul 2025

https://github.com/anof-cyber/mobsecco

Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins

android apk bug-bounty bugbounty cordova cybersecurity mobile-security penetration-testing pentesting pentesting-tools python

Last synced: 28 Oct 2025

https://github.com/a3h1nt/subcert

Subcert is a subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

bugbounty certificate-transparency infosec osint-tool pentesting-tools python3 subdomain-enumeration

Last synced: 22 Mar 2025