penetration-testing
There are 3317 repositories under penetration-testing topic.
Hack-with-Github/Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
vitalysim/Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
sundowndev/hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
maurosoria/dirsearch
Web path scanner
qazbnm456/awesome-web-security
🐶 A curated list of Web Security materials and resources.
Datalux/Osintgram
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
samratashok/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
1N3/Sn1per
Attack Surface Management Platform
GreyDGL/PentestGPT
A GPT-empowered penetration testing tool
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
trickest/cve
Gather and update all available and newest CVEs with their PoC.
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
guardicore/monkey
Infection Monkey - An open-source adversary emulation platform
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
jakejarvis/awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
infoslack/awesome-web-hacking
A list of web application security
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
yeahhub/Hacking-Security-Ebooks
Top 100 Hacking & Security E-Books (Free Download)
urbanadventurer/WhatWeb
Next generation web scanner
infobyte/faraday
Open Source Vulnerability Management Platform
j3ssie/osmedeus
A Workflow Engine for Offensive Security
rmusser01/Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
onlurking/awesome-infosec
A curated list of awesome infosec courses and training resources.
AzeemIdrisi/PhoneSploit-Pro
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
OlivierLaflamme/Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
LyleMi/Learn-Web-Hacking
Study Notes For Web Hacking / Web安全学习笔记
RhinoSecurityLabs/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Ullaakut/cameradar
Cameradar hacks its way into RTSP videosurveillance cameras