"topic:pentest" — Search

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Shell7.3k1.1kUpdated just now

bug-bountybugbountybugbounty-tooldnshackingnucleiosintpenetration-testingpentestpentest-toolpentestingreconreconnaissancescannersecuritysecurity-toolssubdomainsubdomain-enumerationvulnerabilities

yaklang/yakit

Cyber Security ALL-IN-ONE Platform

TypeScript7.1k787Updated 6 hours ago

blueteamburpsuiteexploitgolanghackinghacking-toolspentestredteamredteam-toolsscannersecurity

daffainfo/AllAboutBugBounty

All about bug bounty (bypasses, payloads, and etc)

6.7k1.2kUpdated 17 hours ago

bugbugbountybugbountytipsbypasshackinginfosecpayloadpayloadspenetration-testingpentestreconnaissancesecurityvulnerability

urbanadventurer/WhatWeb

Next generation web scanner

Ruby6.5k980Updated 23 hours ago

application-securityappsechackinghacking-toolskali-linuxnetwork-securityowasppenetration-testpenetration-testingpenetration-testing-toolspentestpentestingpentesting-toolsreconrubyscannersecuritysecurity-toolswebweb-hacking

ihebski/DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

Python6.4k755Updated 17 hours ago

blueteamblueteam-toolsblueteamingbugbountycheatsheetcybersecuritydefault-passwordexploitinfosecoffensive-securityoffensive-security-projectspentestpentestingsoc

k8gege/K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

PowerShell6.2k2.1kUpdated 1 day ago

0daybrute-forcebypasscrackdatabaseexpexploitgetshellhackinglpenetscanpasswordpentestpocprivilege-escalationrcescanner

alpkeskin/mosint

An automated e-mail OSINT tool

Go5.7k637Updated 5 hours ago

automationdata-breachemailemail-checkergohackinginformation-gatheringosintosint-toolpentestpwnpython-hackingsocial-mediasocmintverification-service

ffffffff0x/1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

C++5.6k1.3kUpdated 18 hours ago

blueteamcollectionctfhackingics-securityinfoseclinux-learningmarkdown-articlepentestpentest-toolpocpost-penetrationredteamsecuritysecurity-toolsstudywriteup

onlurking/awesome-infosec

A curated list of awesome infosec courses and training resources.

5.6k742Updated 3 hours ago

awesomecoursesinfoseclabpenetration-testingpentestsecuritysecurity-professionals

SecWiki/linux-kernel-exploits

linux-kernel-exploits Linux平台提权漏洞集合

C5.6k1.7kUpdated 2 days ago

awesomecollectionexploitkernellinuxpentesttool

Pennyw0rth/NetExec

The Network Execution Tool

Python5.3k668Updated just now

active-directoryhackinginfosecinfosectoolsnetworkspentestpentest-toolpentest-toolspentestingpythonpython3red-teamsecuritysecurity-toolswindows

Hackplayers/evil-winrm

The ultimate WinRM shell for hacking/pentesting

Ruby5.3k681Updated 19 hours ago

dockerevil-winrmhackingkerberospass-the-hashpentestpentestingpentesting-windowspowershellpsrpremote-managementrubyshellwin-rmwinrm

k8gege/Ladon

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等，大量高危漏洞检测模块MS17010、Zimbra、Exchange

C#5.3k896Updated 1 day ago

brute-forceexpexploitgetshellhackhackingipscannerladonnetscanpasswordpentestpocportscanscannersecuritysecurity-scannersecurity-toolstools

UndeadSec/SocialFish

Phishing Tool & Information Collector

CSS4.7k1.4kUpdated 9 hours ago

educationalpentestpentestingphishingpythonundead

t3l3machus/Villain

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

Python4.4k691Updated 3 hours ago

c2cybersecurityhackinghacking-tooloffensive-securityopen-sourcepenetration-testingpenetration-testing-toolspentestpentestingreadteamingredteamredteam-tools

skerkour/black-hat-rust

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Rust4.3k426Updated 8 hours ago

auditbeaconbug-bountybug-huntingc2hackinginfosecoffensive-securitypentestpentestingphishingred-teamrustscannersecuritysecurity-toolsshellcodestrojanviruswasm

coreb1t/awesome-pentest-cheat-sheetsArchived

Collection of the cheat sheets useful for pentesting

4.3k787Updated just now

awesomecheatsheetpenetration-testingpentestpentest-cheat-sheetssecuritysecurity-cheat-sheets

lcvvvv/kscan

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

Go4.3k555Updated 1 day ago

brute-forcebruteforceexploitfingerprintpentestred-teamredteamscannersecuritywebscan

zan8in/afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

Go4.2k467Updated 2 hours ago

afrogbug-bountypenetration-testingpentestpocred-teamingvulnerability-scannervulnerability-scanning-tools

Page 1 of 34