Trending repositories for topic penetration-testing

A collection of various awesome lists for hackers, pentesters and security researchers

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

Practical resources for offensive CI/CD security research.

Awesome Vulnerable Applications

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...

🐶 A curated list of Web Security materials and resources.

A GPT-empowered penetration testing tool

Binary instrumentation framework based on FRIDA

Tools and Techniques for Red Team / Penetration Testing

802.11 Attack Tool

A collection of hacking / penetration testing resources to make you better!

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..

A Security Tool for Bug Bounty, Pentest and Red Teaming.

A collection of hacking tools, resources and references to practice ethical hacking.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Gather and update all available and newest CVEs with their PoC.

hydra

Fuzz 401/403/404 pages for bypasses

Practical resources for offensive CI/CD security research.

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..

PyAnonymous是一个应用于渗透测试场景下基于Python3的无落地内存马加载解决方案

Fuzz 401/403/404 pages for bypasses

Awesome Vulnerable Applications

Monitoring the Cloud Landscape

802.11 Attack Tool

Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.

Open-source vulnerability scanner

The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.

Binary instrumentation framework based on FRIDA

🚀 A curated list of awesome testing tools 🚀

A pure-Python ARP Cache Poisoning (a.k.a "ARP Spoofing") tool

Archive of Potential Insider Threats

BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate we...

Web Security Scanner

Automated tool for WiFi hacking.

A Powerful Phishing Tool with 50+ phishing templates. For more about Dark-Phish tool please visit the website.

Local penetration testing lab using docker-compose.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Practical resources for offensive CI/CD security research.

A collection of various awesome lists for hackers, pentesters and security researchers

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

802.11 Attack Tool

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..

A GPT-empowered penetration testing tool

Web path scanner

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Tools and Techniques for Red Team / Penetration Testing

🐶 A curated list of Web Security materials and resources.

Gather and update all available and newest CVEs with their PoC.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Practical resources for offensive CI/CD security research.

A Security Tool for Bug Bounty, Pentest and Red Teaming.

A collection of hacking / penetration testing resources to make you better!

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...

hydra

A collection of hacking tools, resources and references to practice ethical hacking.

Awesome Vulnerable Applications

Attack Surface Management Platform

Practical resources for offensive CI/CD security research.

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..

A fast subdomain takeover tool

PyAnonymous是一个应用于渗透测试场景下基于Python3的无落地内存马加载解决方案

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.

BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...

802.11 Attack Tool

Monitoring the Cloud Landscape

Repo containing cracked red teaming tools.

Fuzz 401/403/404 pages for bypasses

Delve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skil...

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester cred...

Awesome Vulnerable Applications

Hack Victim android Camera Using Link with Termux/Kali-linux

The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.

This repo offers notes and resources on ethical hacking, covering information gathering, scanning, web hacking, exploitation, and Windows/Linux hacking.

Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.

Automated tool for WiFi hacking.

Work in progress...

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...

Practical resources for offensive CI/CD security research.

A collection of various awesome lists for hackers, pentesters and security researchers

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..

A GPT-empowered penetration testing tool

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.

Web path scanner

A collection of hacking tools, resources and references to practice ethical hacking.

hydra

Tools and Techniques for Red Team / Penetration Testing

🐶 A curated list of Web Security materials and resources.

802.11 Attack Tool

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

All-in-One Hacking Tools For Hackers! And more hacking tools! For termux.

Attack Surface Management Platform

Gather and update all available and newest CVEs with their PoC.

A collection of hacking / penetration testing resources to make you better!

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester cred...

BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...

PyAnonymous是一个应用于渗透测试场景下基于Python3的无落地内存马加载解决方案

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.

Practical resources for offensive CI/CD security research.

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cl...

EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.

eLearnSecurity Junior Penetration Tester (eJPT) v2 Notes

本项目通过大模型联动爬虫，检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目，并自动识别项目的目录结构、Readme信息后进行总结分析并分类，所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester cred...

Fuzz 401/403/404 pages for bypasses

Monitoring the Cloud Landscape

Repo containing cracked red teaming tools.

The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

A powerful and sophisticated tool for detecting and exploiting open redirect vulnerabilities using the sed utility and a selected list of carefully crafted payloads with encoding techniques.

802.11 Attack Tool

Delve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skil...

Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)

Hack The Box CPTS, CBBH Exam and Lab Reporting / Note-Taking Tool

802.11 Attack Tool

AI-Powered Ethical Hacking Assistant

Pen Test Report Generation and Assessment Collaboration

Tool for hiding Kali Linux on the network

Collection of cheat sheets useful for pentesting

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.

PolarDNS is a specialized authoritative DNS server suitable for penetration testing and vulnerability research.

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

The Internets #1 Subdomain Takeover Tool

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡

The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.

one-stop resource for all things offensive security.

HackerToolkit offers a curated selection of tools designed to enhance your hacking capabilities. This repository not only organizes these tools but provides information about them. Easily install all ...

BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...

The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while s...

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cl...

The repository is a valuable resource for individuals looking to enhance their knowledge and skills in cybersecurity. It provides in-depth materials and guides for various cybersecurity domains.

Origin IP scanning utility developed with ChatGPT

A collection of various awesome lists for hackers, pentesters and security researchers

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

A GPT-empowered penetration testing tool

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

A collection of hacking tools, resources and references to practice ethical hacking.

Tools and Techniques for Red Team / Penetration Testing

Web path scanner

A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.

OSCP Cheat Sheet

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...

hydra

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

All about bug bounty (bypasses, payloads, and etc)

A collection of hacking / penetration testing resources to make you better!

A Security Tool for Bug Bounty, Pentest and Red Teaming.

All-in-One Hacking Tools For Hackers! And more hacking tools! For termux.

🐶 A curated list of Web Security materials and resources.

Gather and update all available and newest CVEs with their PoC.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

Fuzz 401/403/404 pages for bypasses

A bash and powershell script to download the latest version of Burp-Suite Professional and use it for free.

Hack The Box CPTS, CBBH Exam and Lab Reporting / Note-Taking Tool

Delve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skil...

A command-line interface (CLI) based utility to recursively crawl webpages. It is designed to systematically browse webpages' URLs and follow links to discover linked webpages' URLs.

This repo offers notes and resources on ethical hacking, covering information gathering, scanning, web hacking, exploitation, and Windows/Linux hacking.

BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

Social Engineering Browser Update Attack.

Automated PowerHacker Suite: Your all-in-one solution for ethical hacking. Conduct comprehensive network mapping, vulnerability assessments, password cracking, wireless network analysis, social engine...

Tool for hiding Kali Linux on the network

Mass bruteforce authentication of network protocols

Web Security Scanner

Scripts for solving WebSecurity Academy labs of PortSwigger using Python

A VSCode Workspace based hacking environment utils. Starting your Note-Driven Hacking experience. Checkout the following link to sample of HackThebox mist.htb

Pass you eJPT Study Guide, here you have all tools and content you need!

w4af: web advanced application attack and audit framework, the open source web vulnerability scanner.

genpatch is IDA plugin that generates a python script for patching binary

An List of my own Powershell scripts, commands and Blogs for windows Red Teaming.