security-testing
There are 313 repositories under security-testing topic.
mitre/caldera
Automated Adversary Emulation Platform
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
opensec-cn/kunpeng
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
wallarm/gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
Viralmaniar/Passhunt
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
guardrailsio/awesome-python-security
Awesome Python Security resources 🕶🐍🔐
fportantier/habu
Hacking Toolkit
akto-api-security/akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
bl4de/security-tools
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
secureCodeBox/secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
CaringCaribou/caringcaribou
A friendly car security exploration tool for the CAN bus
Anof-cyber/Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
B3nac/InjuredAndroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Marshall-Hallenbeck/red_team_attack_lab
Red Team Attack Lab for TTP testing & research
shodansploit/shodansploit
🔎 shodansploit > v1.3.0
guardrailsio/awesome-dotnet-security
Awesome .NET Security Resources
pyhackertarget/hackertarget
🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
enkomio/Taipan
Web application vulnerability scanner
rust-fuzz/honggfuzz-rs
Fuzz your Rust code with Google-developed Honggfuzz !
PaytmLabs/nerve
NERVE Continuous Vulnerability Scanner
flipkart-incubator/watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
security-cheatsheet/metasploit-cheat-sheet
Metasploit Cheat Sheet 💣
akenofu/OSCP-Cheat-Sheet
This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
aktsk/apk-medit
memory search and patch tool on debuggable apk without root & ndk
vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
krabelize/icmpdoor
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)
e-m-b-a/embark
EMBArk - The firmware security scanning environment
guardrailsio/awesome-java-security
Awesome Java Security Resources 🕶☕🔐
security-checklist/php-security-check-list
PHP Security Check List [ EN ] 🌋 ☣️
jjf012/gopoc
用cel-go重现了长亭xray的poc检测功能的轮子
redcanaryco/chain-reactor
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
narstybits/MacOS-DuckyScripts
Presenting a wide range of more than 100 powerful BadUSB scripts exclusively designed for Mac OS & the Flipper Zero device. As the sole curator and maintainer of this repository. Your utilization of these scripts is highly valued, and I sincerely appreciate your support and enthusiasm!
mercedes-benz/sechub
SecHub provides a central API to test software with different security tools.
tprynn/web-methodology
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
trailofbits/siderophile
Find the ideal fuzz targets in a Rust codebase