pentest
There are 1399 repositories under pentest topic.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sundowndev/hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
qeeqbox/social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
sensepost/objection
📱 objection - runtime mobile exploration
horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
yaklang/yakit
Cyber Security ALL-IN-ONE Platform
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
epi052/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
urbanadventurer/WhatWeb
Next generation web scanner
SecWiki/linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
ffffffff0x/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
onlurking/awesome-infosec
A curated list of awesome infosec courses and training resources.
k8gege/Ladon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
Hackplayers/evil-winrm
The ultimate WinRM shell for hacking/pentesting
alpkeskin/mosint
An automated e-mail OSINT tool
UndeadSec/SocialFish
Phishing Tool & Information Collector
coreb1t/awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
lcvvvv/kscan
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
t3l3machus/Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
foospidy/payloads
Git All the Payloads! A collection of web attack payloads.
lanjelot/patator
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
nixawk/pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
skerkour/black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Ascotbe/Kernelhub
:palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
arainho/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
snooppr/snoop
Snoop — инструмент разведки на основе открытых данных (OSINT world)
lirantal/awesome-nodejs-security
Awesome Node.js Security resources