535 Open source projects that are alternatives of or similar to pentesting-notes

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.

The SpecterOps project management and reporting engine

Penetration Testing Notes and Playbook (PTP)

Idiomatic nmap library for go developers

Boxer: A fast directory bruteforce tool written in Python with concurrency.

An advanced tool for email reconnaissance

Audit tool to find common vulnerabilities in PHP source code

Automation scripts in preparation for PWK/OSCP labs

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

A penetration testing tool for finding file upload bugs (NDSS 2020)

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

A curated list of awesome infosec courses and training resources.

Python script wrote to automate the process of generating various reverse shells.

Writeups for vulnerable machines.

ConPtyShell - Fully Interactive Reverse Shell for Windows

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

An HTTP/HTTPS intercept proxy written in Go.

Generates malicious LNK file payloads for data exfiltration

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

A MongoDB importer and API for Project Sonars DNS datasets

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Automated NoSQL database enumeration and web application exploitation tool.

Instagram multi-bruteforce Platfrom

A webshell framework for penetration testers.

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

A cross-platform python based utility for information gathering and penetration testing automation!

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

Tools for Hacking

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

Subdomain enumeration through various techniques

Study Notes For Web Hacking / Web安全学习笔记

Red Teaming Tactics and Techniques

A simple, extensible C&C beaconing system.

GoPhish Templates that I have retired and/or templates I've recreated.

Collection of the cheat sheets useful for pentesting

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A tool to test security of json web token

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

Security tool to quickly audit Public Box files and folders.

A collection of hacking / penetration testing resources to make you better!

The repo contains all the slide deck that was used during my presentation at various webinars, conferences, and meetups.

Command line tool that allows you to explore IoT devices by using Shodan API.

Pentesting suite for Maltego based on data in a Metasploit database

Oracle Database Penetration Testing Reference (10g/11g)

Information Security Library

A default credential scanner.

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

pentest toolbox

A Python-powered exploitation framework and botnet.

Scripts I use during pentest engagements.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter