Top 371 penetration-testing open source projects

Subdomain enumeration through various techniques

A Modular Penetration Testing Framework

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Attack Surface Management Platform | Sn1perSecurity LLC

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Functions that can be used to gain Reverse Shells with PowerShell

Security tool to quickly audit Public Box files and folders.

A pentesting tool inspired by mr robot and derived by zphisher

A Docker container for remote penetration testing.

A web application for generating custom XSS payloads

Command line tool that allows you to explore IoT devices by using Shodan API.

Web App Pen Tester (Web Interface)

Oracle Database Penetration Testing Reference (10g/11g)

List of every possible vulnerabilities in computer security.

A shot-for-shot remake of the Google Login Page.

Yet Another PHP Shell - The most complete PHP reverse shell

My notes on PentesterLab's Bootcamp series 🕵️

This script will you help to find the information about the website and to help in penetrating testing

link is a command and control framework written in rust

A Tool for Domain Flyovers

Multi OTP Spam Amp/Paralell threads

cms识别

Offensive Reverse Shell (Cheat Sheet)

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

Modular personalized dictionary generator.

Common Web Managers Fuzz Wordlists

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

Host Header Injection Checker

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Hacking, pen-testing, and cyber-security related tools built with Python.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

An advanced command-line search engine for Exploit-DB

Automated tool for WiFi hacking.

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

Top 20 Kali Linux Related E-books (Free Download)

Reverse shell manager using tmux and ncat

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Statically-linked ssh server with reverse shell functionality for CTFs and such

Kali Live Build Scripts

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

A collection of resources I'm using while working toward the OSCP

List of Bluetooth BR/EDR/LE security resources

VOIP Security Audit Framework

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

Little tool made in python to create payloads for Linux, Windows and OSX with unique handler

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Python-based CLI Password Analyser (Reporting Tool)

Captive wifi hotspot bypass tool for Linux

Argus Advanced Remote & Local Keylogger For macOS and Windows

Get GTFOBins info about a given exploit from the command line

An RPC attack framework for Blockchain nodes.

Automated script to run all modules for a specified list of domains, netblocks or company name

My personal bug bounty toolkit.

A Security Tool for Enumerating WebSockets