pentest
There are 1827 repositories under pentest topic.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sundowndev/hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
qeeqbox/social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
sensepost/objection
📱 objection - runtime mobile exploration
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
epi052/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
Orange-Cyberdefense/GOAD
game of active directory
yaklang/yakit
Cyber Security ALL-IN-ONE Platform
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
urbanadventurer/WhatWeb
Next generation web scanner
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
ffffffff0x/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
alpkeskin/mosint
An automated e-mail OSINT tool
SecWiki/linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
onlurking/awesome-infosec
A curated list of awesome infosec courses and training resources.
k8gege/Ladon
Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等,大量高危漏洞检测模块MS17010、Zimbra、Exchange
Hackplayers/evil-winrm
The ultimate WinRM shell for hacking/pentesting
Pennyw0rth/NetExec
The Network Execution Tool
UndeadSec/SocialFish
Phishing Tool & Information Collector
t3l3machus/Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
lcvvvv/kscan
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
skerkour/black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
coreb1t/awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
foospidy/payloads
Git All the Payloads! A collection of web attack payloads.
lanjelot/patator
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
nixawk/pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
snooppr/snoop
Snoop — инструмент разведки на основе открытых данных (OSINT world)
arainho/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool