Topic: pentest Goto Github

Some thing interesting about pentest

👇 Here are 1319 public repositories matching this topic...

0x4d31 / awesome-oscp

pentest,A curated list of awesome OSCP resources

User: 0x4d31

oscp oscp-prep oscp-tools offensive-security awesome-list pentesting penetration-testing pentest

a-poc / redteam-tools

pentest,Tools and Techniques for Red Team / Penetration Testing

User: a-poc

cheatsheet cybersecurity hacking penetration-testing red-team security-tools linux resources tools windows

alpkeskin / mosint

pentest,An automated e-mail OSINT tool

User: alpkeskin

osint hacking email-checker social-media email python-hacking pwn data-breach verification-service osint-tool

arainho / awesome-api-security

pentest,A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

User: arainho

api-security api-sec awesome-list api-hacking api-pentest apisec security pentest fuzzing api-hacks

ascotbe / kernelhub

pentest,:palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

User: ascotbe

Home Page: http://kernelhub.ascotbe.com/

exploits cve cve-2021-33739 cve-2021-26868 cve-2021-36934 cve-2021-40444 cve-2021-40449 cve-2021-42287 cve-2021-42278 cve-2021-34486

christophetd / cloudflair

pentest,🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

User: christophetd

Home Page: https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/

cloudflare pentest-tool pentest censys

coreb1t / awesome-pentest-cheat-sheets

pentest,Collection of the cheat sheets useful for pentesting

User: coreb1t

cheatsheet security-cheat-sheets pentest-cheat-sheets security pentest awesome penetration-testing

cujanovic / ssrf-testing

pentest,SSRF (Server Side Request Forgery) testing resources

User: cujanovic

pentest pentest-tool pentesting server-side-request-forgery ssrf

daffainfo / allaboutbugbounty

pentest,All about bug bounty (bypasses, payloads, and etc)

User: daffainfo

bugbounty bugbountytips bypass payloads reconnaissance bug hacking security payload penetration-testing

epi052 / feroxbuster

pentest,A fast, simple, recursive content discovery tool written in Rust.

User: epi052

Home Page: https://epi052.github.io/feroxbuster/

web pentest pentesting-tool rust url-bruteforcer enumeration content-discovery hacktoberfest

evilcos / xssor2

pentest,XSS'OR - Hack with JavaScript.

User: evilcos

probe pentest-tool xss csrf encoding hacking-tool pentest hack

ffffffff0x / 1earn

pentest,ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Organization: ffffffff0x

Home Page: https://home.ffffffff0x.com/

markdown-article linux-learning pentest study security collection blueteam redteam post-penetration ics-security

foospidy / payloads

pentest,Git All the Payloads! A collection of web attack payloads.

User: foospidy

payload payloads xss sqli web-attack-payloads passwords pentest hacking appsec cybersecurity

hackplayers / evil-winrm

pentest,The ultimate WinRM shell for hacking/pentesting

Organization: hackplayers

winrm shell hacking pentest ruby pentesting pentesting-windows remote-management win-rm evil-winrm

horsicq / detect-it-easy

pentest,Program for determining types of files for Windows, Linux and MacOS.

User: horsicq

Home Page: http://ntinfo.biz

debugger detect unpacker disassembler reverse-engineering elf packer detector binary-analysis program-analysis

ihebski / defaultcreds-cheat-sheet

pentest,One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

User: ihebski

infosec default-password pentesting bugbounty pentest credentials-gathering cheatsheet cybersecurity blueteam offensive-security

inonshk / 31-days-of-api-security-tips

pentest,This challenge is Inon Shkedy's 31 days API Security Tips.

User: inonshk

pentest api-pentest bug-bounty api-security security bugbountytips bugbounty infosec

isafeblue / trackray

User: isafeblue

pentest vulnerability

pentest,K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

User: k8gege

exploit apt 0day poc getshell pentest hacking scanner privilege-escalation bypass

k8gege / ladon

pentest,Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

User: k8gege

Home Page: http://k8gege.org/Ladon/

brute-force exp exploit getshell hack hacking ipscanner ladon netscan password pentest poc portscan scanner security security-scanner security-tools tools

lanjelot / patator

pentest,Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

User: lanjelot

pentest brute-force

lcvvvv / kscan

pentest,Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

User: lcvvvv

redteam scanner bruteforce brute-force pentest exploit red-team security webscan fingerprint

lirantal / awesome-nodejs-security

pentest,Awesome Node.js Security resources

User: lirantal

nodejs security cybersecurity web-security owasp vulnerabilities pentest infosec hacktoberfest

m0rtem / cloudfail

pentest,Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

User: m0rtem

cloudflare tor ip database python3 scanner recon bruteforce cloudflare-ip pentest

matro7sh / bypassav

pentest,This map lists the essential techniques to bypass anti-virus and EDR

Organization: matro7sh

Home Page: https://matro7sh.github.io/BypassAV/

av bypass edr mindmap pentest redteam markdown

nahamsec / resources-for-beginner-bug-bounty-hunters

pentest,A list of resources for those interested in getting started in bug bounties

User: nahamsec

bug-bounty-hunters hackers xss bug-bounty learn2hack hacking pentest web-security education ssrf

nixawk / pentest-wiki

pentest,PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

User: nixawk

pentest security hacking

onlurking / awesome-infosec

pentest, A curated list of awesome infosec courses and training resources.

User: onlurking

infosec pentest courses penetration-testing security-professionals lab awesome security

pennyw0rth / netexec

pentest,The Network Execution Tool

Organization: pennyw0rth

Home Page: https://netexec.wiki/

hacking pentest pentest-tool pentest-tools pentesting python python3 red-team active-directory infosec

pwndoc / pwndoc

pentest,Pentest Report Generator

Organization: pwndoc

Home Page: https://pwndoc.github.io/pwndoc

pentest reporting pentesting-tool reporting-tool security security-tool collaboration audit security-audit penetration-testing

qeeqbox / social-analyzer

pentest,API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Organization: qeeqbox

osint social-media analyzer username profile reconnaissance pentest information-gathering pentesting social-analyzer

rewardone / oscprepo

pentest,A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

User: rewardone

oscp reconscan pentest penetration-testing

secwiki / linux-kernel-exploits

pentest,linux-kernel-exploits Linux平台提权漏洞集合

Organization: secwiki

awesome collection exploit kernel linux pentest tool

secwiki / windows-kernel-exploits

pentest,windows-kernel-exploits Windows平台提权漏洞集合

Organization: secwiki

windows kernel exploit tool collections pentest

sensepost / objection

pentest,📱 objection - runtime mobile exploration

Organization: sensepost

mobile pentest framework ios instrumentation frida security android

sevagas / macro_pack

pentest,macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

User: sevagas

Home Page: https://blog.sevagas.com

pentest social-engineering vba obfuscation redteam msoffice macros meterpreter

six2dez / reconftw

pentest,reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

User: six2dez

bugbounty hacking recon pentest subdomain nuclei vulnerabilities scanner fuzzing osint

skerkour / black-hat-rust

pentest,Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Organization: skerkour

Home Page: https://kerkour.com/black-hat-rust

rust security pentest pentesting offensive-security red-team audit beacon c2 bug-bounty

snooppr / snoop

pentest,Snoop — инструмент разведки на основе открытых данных (OSINT world)

User: snooppr

Home Page: https://github.com/snooppr/snoop/releases

osint termux username-search username-checker pentest web-scraping ctf scanner redteam blueteam

sundowndev / hacker-roadmap

pentest,A collection of hacking tools, resources and references to practice ethical hacking.

User: sundowndev

hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation

swisskyrepo / payloadsallthethings

pentest,A list of useful payloads and bypass for Web Application Security and Pentest/CTF

User: swisskyrepo

Home Page: https://swisskyrepo.github.io/PayloadsAllTheThings/

pentest payload bypass web-application hacking vulnerability bounty methodology privilege-escalation penetration-testing

swisskyrepo / ssrfmap

pentest,Automatic SSRF fuzzer and exploitation tool

User: swisskyrepo

ssrf server-side-request-forgery exploitation vulnerability ssrfmap pentest ctf hacktoberfest

t3l3machus / villain

pentest,Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

User: t3l3machus

open-source pentest pentesting readteaming redteam-tools redteam cybersecurity offensive-security c2 hacking

th3xace / sudo_killer

pentest,A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

User: th3xace

sudo-exploitation abuse-sudo ctf exploits cve pentest pentest-tool privilege-escalation sudo linux-exploits