Topic: pentest Goto Github

Some thing interesting about pentest

👇 Here are 1417 public repositories matching this topic...

0x4d31 / awesome-oscp

pentest,A curated list of awesome OSCP resources

User: 0x4d31

awesome-list offensive-security oscp oscp-prep oscp-tools penetration-testing pentest pentesting

a-poc / redteam-tools

pentest,Tools and Techniques for Red Team / Penetration Testing

User: a-poc

cheatsheet cybersecurity hacking penetration-testing red-team security-tools linux resources tools windows enumeration payload pentest pentest-tools red-team-tools mitre-attack redteam

alpkeskin / mosint

pentest,An automated e-mail OSINT tool

User: alpkeskin

osint hacking email-checker social-media email python-hacking pwn data-breach verification-service osint-tool

arainho / awesome-api-security

pentest,A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

User: arainho

api-security api-sec awesome-list api-hacking api-pentest apisec security pentest fuzzing api-hacks

ascotbe / kernelhub

pentest,:palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

User: ascotbe

Home Page: http://kernelhub.ascotbe.com/

exploits cve cve-2021-33739 cve-2021-26868 cve-2021-36934 cve-2021-40444 cve-2021-40449 cve-2021-42287 cve-2021-42278 cve-2021-34486

christophetd / cloudflair

pentest,🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

User: christophetd

Home Page: https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/

censys cloudflare pentest pentest-tool

coreb1t / awesome-pentest-cheat-sheets

pentest,Collection of the cheat sheets useful for pentesting

User: coreb1t

cheatsheet security-cheat-sheets pentest-cheat-sheets security pentest awesome penetration-testing

cujanovic / ssrf-testing

pentest,SSRF (Server Side Request Forgery) testing resources

User: cujanovic

ssrf pentest pentest-tool pentesting server-side-request-forgery

daffainfo / allaboutbugbounty

pentest,All about bug bounty (bypasses, payloads, and etc)

User: daffainfo

bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability

epi052 / feroxbuster

pentest,A fast, simple, recursive content discovery tool written in Rust.

User: epi052

Home Page: https://epi052.github.io/feroxbuster/

web pentest pentesting-tool rust url-bruteforcer enumeration content-discovery hacktoberfest

evilcos / xssor2

pentest,XSS'OR - Hack with JavaScript.

User: evilcos

probe pentest-tool xss csrf encoding hacking-tool pentest hack

ffffffff0x / 1earn

pentest,ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Organization: ffffffff0x

Home Page: https://home.ffffffff0x.com/

markdown-article linux-learning pentest study security collection blueteam redteam post-penetration ics-security

foospidy / payloads

pentest,Git All the Payloads! A collection of web attack payloads.

User: foospidy

payload payloads xss sqli web-attack-payloads passwords pentest hacking appsec cybersecurity

hackplayers / evil-winrm

pentest,The ultimate WinRM shell for hacking/pentesting

Organization: hackplayers

winrm shell hacking pentest ruby pentesting pentesting-windows remote-management win-rm evil-winrm

horsicq / detect-it-easy

pentest,Program for determining types of files for Windows, Linux and MacOS.

User: horsicq

Home Page: http://ntinfo.biz

debugger detect unpacker disassembler reverse-engineering elf packer detector binary-analysis program-analysis

ihebski / defaultcreds-cheat-sheet

pentest,One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

User: ihebski

infosec default-password pentesting bugbounty pentest credentials-gathering cheatsheet cybersecurity blueteam offensive-security

inonshk / 31-days-of-api-security-tips

pentest,This challenge is Inon Shkedy's 31 days API Security Tips.

User: inonshk

pentest api-pentest bug-bounty api-security security bugbountytips bugbounty infosec

isafeblue / trackray

User: isafeblue

pentest vulnerability

pentest,K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

User: k8gege

exploit apt 0day poc getshell pentest hacking scanner privilege-escalation bypass crack netscan brute-force password database

k8gege / ladon

pentest,Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

User: k8gege

Home Page: http://k8gege.org/Ladon/

scanner portscan pentest hacking security security-tools security-scanner poc getshell brute-force

lanjelot / patator

pentest,Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

User: lanjelot

brute-force pentest

lcvvvv / kscan

pentest,Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

User: lcvvvv

brute-force bruteforce exploit fingerprint pentest red-team redteam scanner security webscan

lirantal / awesome-nodejs-security

pentest,Awesome Node.js Security resources

User: lirantal

nodejs security cybersecurity web-security owasp vulnerabilities pentest infosec hacktoberfest

m0rtem / cloudfail

pentest,Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

User: m0rtem

bruteforce cloudflare cloudflare-ip database ip pentest pentesting python3 recon scanner tor

matro7sh / bypassav

pentest,This map lists the essential techniques to bypass anti-virus and EDR

Organization: matro7sh

Home Page: https://matro7sh.github.io/BypassAV/

av bypass edr mindmap pentest redteam markdown

nahamsec / resources-for-beginner-bug-bounty-hunters

pentest,A list of resources for those interested in getting started in bug bounties

User: nahamsec

bug-bounty-hunters hackers xss bug-bounty learn2hack hacking pentest web-security education ssrf

nixawk / pentest-wiki

pentest,PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

User: nixawk

pentest security hacking

onlurking / awesome-infosec

pentest, A curated list of awesome infosec courses and training resources.

User: onlurking

infosec pentest courses penetration-testing security-professionals lab awesome security

pennyw0rth / netexec

pentest,The Network Execution Tool

Organization: pennyw0rth

Home Page: https://netexec.wiki/

hacking pentest pentest-tool pentest-tools pentesting python python3 red-team active-directory infosec

pwndoc / pwndoc

pentest,Pentest Report Generator

Organization: pwndoc

Home Page: https://pwndoc.github.io/pwndoc

pentest reporting pentesting-tool reporting-tool security security-tool collaboration audit security-audit penetration-testing

qeeqbox / social-analyzer

pentest,API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Organization: qeeqbox

osint social-media analyzer username profile reconnaissance pentest information-gathering pentesting social-analyzer

rewardone / oscprepo

pentest,A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

User: rewardone

oscp penetration-testing pentest reconscan

secwiki / linux-kernel-exploits

pentest,linux-kernel-exploits Linux平台提权漏洞集合

Organization: secwiki

awesome collection exploit kernel linux pentest tool

secwiki / windows-kernel-exploits

pentest,windows-kernel-exploits Windows平台提权漏洞集合

Organization: secwiki

collections exploit kernel pentest tool windows

sensepost / objection

pentest,📱 objection - runtime mobile exploration

Organization: sensepost

mobile pentest framework ios instrumentation frida security android

sevagas / macro_pack

pentest,macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

User: sevagas

Home Page: https://blog.sevagas.com

pentest social-engineering vba obfuscation redteam msoffice macros meterpreter

six2dez / reconftw

pentest,reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

User: six2dez

bugbounty hacking recon pentest subdomain nuclei vulnerabilities scanner fuzzing osint penetration-testing pentesting reconnaissance dns pentest-tool security security-tools bug-bounty

skerkour / black-hat-rust

pentest,Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Organization: skerkour

Home Page: https://kerkour.com/black-hat-rust

rust security pentest pentesting offensive-security red-team audit beacon c2 bug-bounty

snooppr / snoop

pentest,Snoop — инструмент разведки на основе открытых данных (OSINT world)

User: snooppr

Home Page: https://github.com/snooppr/snoop/releases

blueteam ctf geo geocoder infosec ip nickname osint parser pentest police redteam scanner scraping security termux username username-checker username-search web-scraping

sundowndev / hacker-roadmap

pentest,A collection of hacking tools, resources and references to practice ethical hacking.

User: sundowndev

hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation

swisskyrepo / payloadsallthethings

pentest,A list of useful payloads and bypass for Web Application Security and Pentest/CTF

User: swisskyrepo

Home Page: https://swisskyrepo.github.io/PayloadsAllTheThings/

bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application

swisskyrepo / ssrfmap

pentest,Automatic SSRF fuzzer and exploitation tool

User: swisskyrepo

ctf exploitation hacktoberfest pentest server-side-request-forgery ssrf ssrfmap vulnerability

t3l3machus / villain

pentest,Villain is a high level stage 0/1 C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

User: t3l3machus

open-source pentest pentesting readteaming redteam-tools redteam cybersecurity offensive-security c2 hacking

th3xace / sudo_killer

pentest,A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

User: th3xace

sudo-exploitation abuse-sudo ctf exploits cve pentest pentest-tool privilege-escalation sudo linux-exploits