2526 Open source projects that are alternatives of or similar to Pentesting Bible

Fully automated offensive security framework for reconnaissance and vulnerability scanning

HostHunter a recon tool for discovering hostnames using OSINT techniques.

OSINT

A high performance offensive security tool for reconnaissance and vulnerability scanning

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

swiss army knife for hackers

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Automated NoSQL database enumeration and web application exploitation tool.

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Web path scanner

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Making Favicon.ico based Recon Great again !

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

🔺 Red Team Hardware Toolkit 🔺

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

No description or website provided.

Awesome cloud enumerator

🎯 SQL Injection Payload List

记录自己编写、修改的部分工具

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

This repository contains full code examples from the book Gray Hat C#

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Tool Information Gathering Write By Python.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

平常看到好的渗透hacking工具和多领域效率工具的集合

jSQL Injection is a Java application for automatic SQL database injection.

OneForAll是一款功能强大的子域收集工具

Information gathering & website reconnaissance | https://phishstats.info/

network reconnaissance toolkit

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

Next generation web scanner

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Automatically Launch Google Hacking Queries Against A Target Domain

fireELF - Fileless Linux Malware Framework

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Intelligence tool but without API key

Top disclosed reports from HackerOne

mXtract - Memory Extractor & Analyzer

onex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

OSINT Tool: Generate username lists for companies on LinkedIn