"topic:pentesting" — Search

5,656 results for “topic:pentesting”

Hunt down social media accounts by username across social networks

clicticybersecurityforensicshacktoberfestinformation-gatheringinfoseclinuxosintpentestingpythonpython3reconnaissanceredteamsherlocktools

sqlmapproject/sqlmap

Automatic SQL injection and database takeover tool

Python36.8k6.2kUpdated 4 hours ago

databasedetectionexploitationpentestingpythonsql-injectionsqlmaptakeovervulnerability-scanner

KeygraphHQ/shannon

Shannon Lite is a fully autonomous AI pentester for web apps and APIs. 96.15% (100/104 exploits) on a hint-free, source-aware variant of the XBOW benchmark.

TypeScript33.1k3.3kUpdated just now

penetration-testingpentestingsecurity-auditsecurity-automationsecurity-tools

qeeqbox/social-analyzer

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

JavaScript22.1k2.1kUpdated just now

analysisanalyzercliinformation-gatheringjavascriptnodejsnodejs-cliosintpentestpentestingperson-profileprofilepythonreconnaissancesecurity-toolssocial-analyzersocial-mediasosintusername

bee-san/Ciphey

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Python21.2k1.4kUpdated just now

artificial-intelligenceciphercppcryptographyctfctf-toolscyberchef-magicdecryptiondeep-neural-networkencodingsencryptionshackinghacktoberfesthashesnatural-language-processingpentestingpython

bee-san/RustScan

🤖 The Modern Port Scanner 🤖

Rust19.4k1.3kUpdated just now

dockerhackinghacktoberfestnetworkingnmappentestingportrustscanningsecuritysecurity-tools

soxoj/maigret

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

Python19.2k1.3kUpdated just now

blueteamclicybersecurityidentificationinfosecinvestigationnamecheckeropen-sourceosintosint-frameworkosint-pythonpentestingpythonpython3reconnaissanceredteamscrapingsherlocksocial-networksocmint

smicallef/spiderfoot

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Python16.9k2.8kUpdated just now

attacksurfacecticybersecurityfootprintinghackinginformation-gatheringinformation-securityinfosecintelligence-gatheringosintosint-frameworkosint-reconnaissanceosint-toolpentestingpythonreconsecurity-toolsthreat-intelligencethreatintel

ffuf/ffuf

Fast web fuzzer written in Go

Go15.7k1.5kUpdated just now

fuzzerinfosecpentestingweb

sundowndev/hacker-roadmapArchived

A collection of hacking tools, resources and references to practice ethical hacking.

15.1k1.7kUpdated 6 hours ago

exploitationframeworkshackinghacking-toolhacktoolsinformation-gatheringpenetration-testingpentestpentestingpost-exploitationroadmapsecurityweb-hacking

maurosoria/dirsearch

Web path scanner

Python14.1k2.4kUpdated 3 hours ago

appsecbrutebug-bountybugbountydirsearchenumerationfuzzerfuzzinghackinghacking-toolinfosecpenetration-testingpentest-toolpentestingpythonred-teamingredteamscannersecuritywordlist

OJ/gobuster

Directory/File, DNS and VHost busting tool written in Go

Go13.5k1.6kUpdated 12 hours ago

dnsgopentestingtoolweb

OWASP/mastg

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

Python12.8k2.7kUpdated 1 hour ago

androidandroid-applicationcompliancy-checklistdynamic-analysishackingiosios-appmastmastgmobile-appmobile-securitymstgnetwork-analysispentestingreverse-engineeringreverse-enginneringruntime-analysisstatic-analysistesting-cryptography

juice-shop/juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

TypeScript12.7k16.8kUpdated just now

24pullrequestsapplication-securityappsecctfhackinghacktoberfestjavascriptowaspowasp-top-10owasp-top-tenpentestingsecurityvulnappvulnerable

promptfoo/promptfoo

Test your prompts, agents, and RAGs. AI Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration.

TypeScript12.3k1.1kUpdated just now

cici-cdcicdevaluationevaluation-frameworkllmllm-evalllm-evaluationllm-evaluation-frameworkllmopspentestingprompt-engineeringprompt-testingpromptsragred-teamingtestingvulnerability-scanners

vanhauser-thc/thc-hydra

hydra

C11.7k2.5kUpdated just now

brute-forcebrute-force-attacksbrute-force-passwordsbruteforcebruteforce-attacksbruteforcerbruteforcinghydranetwork-securitypassword-crackerpassword-crackingpenetration-testingpentestpentest-toolpentestingthc

HackTricks-wiki/hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

CSS11.0k3.0kUpdated 4 hours ago

hackinghacktrickspeasspentesting

infosecn1nja/Red-Teaming-Toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

10.2k2.3kUpdated 5 hours ago

hackinginfosecpentestingred-team

blacklanternsecurity/bbot

The recursive internet scanner for hackers. 🧡

Python9.5k774Updated 1 day ago

asmattack-surface-managementautomationbugbountyclieasmhackingneo4josintosint-frameworkpentestingpythonreconrecursionscannersubdomain-enumerationsubdomain-scannersubdomainsthreat-intelligencethreatintel

1N3/Sn1per

Attack Surface Management Platform

Shell9.4k2.0kUpdated 3 hours ago

attack-surfaceattack-surface-managementattacksurfacebugbounty-platformcybersecurityhackinghacking-toolsosint-frameworkosint-toolpenetration-testingpentest-scriptspentest-toolpentest-toolspentestingpentesting-toolssecuritysecurity-toolssn1persn1per-professional

dstotijn/hetty

An HTTP toolkit for security research.

Go9.3k519Updated 5 hours ago

bugbountyhttpinfosecmitmpentestingproxy

byt3bl33d3r/CrackMapExecArchived

A swiss army knife for pentesting networks

Python9.1k1.7kUpdated 10 hours ago

active-directorynetworkspentestingpowershellpythonwindows

n1nj4sec/pupyArchived

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Python8.9k1.9kUpdated just now

androidbackdoorlinuxmac-osmeterpreterpayloadpentestingpost-exploitationpupypythonratreflective-injectionremote-accessremote-admin-toolreverse-shellshellwindows

OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

8.9k1.6kUpdated 12 hours ago

application-securityappsecbest-practicesbugbountyguidehackinghacktoberfestowasppenetration-testingpentestingsecurity

yogeshojha/rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

HTML8.5k1.3kUpdated 13 hours ago

bug-bountybugbountyhackinginformation-gatheringinfosecosintpenetration-testingpentestingreconrecon-enginereconnaissancerenginescannerscanner-webscanningsecurity-tools

TheKingOfDuck/fuzzDicts

You Know, For WEB Fuzzing !

Python8.3k2.5kUpdated 10 hours ago

directoryfuzz-testingfuzzerfuzzingparamterpasswordpentestingusernamewfuzz

HunxByts/GhostTrack

Useful tool to track location or mobile number

Python8.0k1.1kUpdated 1 hour ago