Build software better, together

swisskyrepo / PayloadsAllTheThings

Sponsor

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

security hacking web-application cheatsheet enumeration penetration-testing bounty vulnerability methodology bugbounty pentest bypass payload payloads hacktoberfest privilege-escalation redteam

Updated Jun 23, 2022
Python

qeeqbox / social-analyzer

Sponsor

Star

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

nodejs javascript python cli profile social-media osint analysis analyzer pentesting username pentest nodejs-cli information-gathering security-tools reconnaissance social-analyzer person-profile sosint

Updated Jun 18, 2022
JavaScript

sundowndev / hacker-roadmap

Star

A collection of hacking tools, resources and references to practice ethical hacking.

security roadmap hacking penetration-testing pentesting post-exploitation pentest exploitation hacking-tool frameworks information-gathering web-hacking hacktools

Updated Jun 14, 2022

smicallef / spiderfoot

Star

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

python osint hacking cybersecurity infosec pentesting threatintel pentest cti information-gathering intelligence-gathering security-tools threat-intelligence reconnaissance footprinting osint-framework attack-surface osint-reconnaissance osint-tool attacksurface

Updated Jun 23, 2022
Python

nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

Star

A list of resources for those interested in getting started in bug bounties

education hackers hacking xss bug-bounty web-security pentest ssrf bug-bounty-hunters learn2hack

Updated Jun 15, 2022

SecWiki / windows-kernel-exploits

Star

windows-kernel-exploits Windows平台提权漏洞集合

windows kernel exploit tool collections pentest

Updated Jun 11, 2021
C

sensepost / objection

Star

📱 objection - runtime mobile exploration

android security ios mobile framework instrumentation pentest frida

Updated May 16, 2022
Python

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

database apt exploit scanner hacking password poc brute-force pentest bypass crack privilege-escalation 0day getshell netscan rar-mysql

Updated Apr 6, 2022
PowerShell

SecWiki / linux-kernel-exploits

Star

linux-kernel-exploits Linux平台提权漏洞集合

linux awesome collection kernel exploit tool pentest

Updated Jul 13, 2020
C

onlurking / awesome-infosec

Star

A curated list of awesome infosec courses and training resources.

security awesome lab penetration-testing courses infosec pentest security-professionals

Updated Jun 9, 2022

urbanadventurer / WhatWeb

Star

Next generation web scanner

Updated Feb 5, 2022
Ruby

ffffffff0x / 1earn

Star

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

security collection study hacking poc infosec ctf pentest markdown-article writeup blueteam ics-security security-tools pentest-tool redteam linux-learning post-penetration

Updated Jun 21, 2022
C++

k8gege / Ladon

Star

大型内网渗透扫描器&Cobalt Strike，Ladon9.1.4内置150个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

security tools hack exploit scanner hacking password poc brute-force pentest portscan security-scanner exp security-tools ladon ipscanner getshell netscan

Updated Apr 6, 2022
C#

yaklang / yakit

Star

Cyber Security ALL-IN-ONE Platform

golang security exploit scanner hacking pentest burpsuite blueteam redteam hacking-tools redteam-tools

Updated Jun 24, 2022
TypeScript

foospidy / payloads

Star

Git All the Payloads! A collection of web attack payloads.

hacking xss cybersecurity sqli passwords pentest appsec payload payloads web-attack-payloads

Updated Apr 22, 2021
Shell

lanjelot / patator

Star

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

brute-force pentest

Updated Jun 22, 2022
Python

UndeadSec / SocialFish

Star

Phishing Tool & Information Collector

python phishing educational pentesting pentest undead

Updated Jun 10, 2022
CSS

epi052 / feroxbuster

Sponsor

Star

A fast, simple, recursive content discovery tool written in Rust.

rust web enumeration pentest hacktoberfest content-discovery url-bruteforcer pentesting-tool

Updated Jun 22, 2022
Rust

coreb1t / awesome-pentest-cheat-sheets

Star

Collection of the cheat sheets useful for pentesting

security awesome cheatsheet penetration-testing pentest security-cheat-sheets pentest-cheat-sheets

Updated Feb 28, 2022

nixawk / pentest-wiki

Star

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

security hacking pentest

Updated Oct 27, 2020
Python

six2dez / reconftw

Sponsor

Star

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

osint scanner hacking subdomain penetration-testing fuzzing infosec raspberry pentesting recon nuclei vulnerabilities bugbounty pentest reconnaissance

Updated Jun 24, 2022
Shell

Hackplayers / evil-winrm

Star

The ultimate WinRM shell for hacking/pentesting

ruby shell docker powershell pentesting-windows hacking kerberos pentesting winrm pentest pass-the-hash remote-management win-rm evil-winrm psrp

Updated Jun 22, 2022
Ruby

ihebski / DefaultCreds-cheat-sheet

Star

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

exploit cheatsheet cybersecurity infosec pentesting bugbounty pentest offensive-security blueteam default-password credentials-gathering

Updated May 9, 2022
Jupyter Notebook

rewardone / OSCPRepo

Star

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

penetration-testing pentest oscp reconscan

Updated Jun 22, 2020
C

evilcos / xssor2

Star

XSS'OR - Hack with JavaScript.

encoding hack xss probe csrf pentest hacking-tool pentest-tool

Updated Dec 12, 2021
JavaScript

lirantal / awesome-nodejs-security

Star

Open

Add a section for recorded talks ?

3

fraxken commented Apr 20, 2022

I thought it would be nice to have a section for talks related to Node.js security. What do you think ? (I can PR a bunch of talks i have in favorite if you are ok with the idea).

cujanovic / SSRF-Testing

Star

SSRF (Server Side Request Forgery) testing resources

pentesting pentest ssrf pentest-tool server-side-request-forgery

Updated Mar 9, 2022
Python

Ascotbe / Kernelhub

Star

🌴Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

Updated Apr 25, 2022
C

swisskyrepo / SSRFmap

Sponsor

Star

Automatic SSRF fuzzer and exploitation tool

vulnerability ctf pentest exploitation hacktoberfest ssrf server-side-request-forgery ssrfmap

Updated Mar 23, 2022
Python

pentest

Here are 971 public repositories matching this topic...

swisskyrepo / PayloadsAllTheThings

qeeqbox / social-analyzer

sundowndev / hacker-roadmap

smicallef / spiderfoot

nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

SecWiki / windows-kernel-exploits

vanhauser-thc / thc-hydra

Feature request: http-form module multipart format support

Unknown GET Requests

Feature Request - use pkgconfig to detect build dependencies

sensepost / objection

k8gege / K8tools

SecWiki / linux-kernel-exploits

onlurking / awesome-infosec

urbanadventurer / WhatWeb

ffffffff0x / 1earn

k8gege / Ladon

yaklang / yakit

foospidy / payloads

lanjelot / patator

UndeadSec / SocialFish

epi052 / feroxbuster

coreb1t / awesome-pentest-cheat-sheets

nixawk / pentest-wiki

six2dez / reconftw

Hackplayers / evil-winrm

ihebski / DefaultCreds-cheat-sheet

rewardone / OSCPRepo

evilcos / xssor2

lirantal / awesome-nodejs-security

Add a section for recorded talks ?

cujanovic / SSRF-Testing

Ascotbe / Kernelhub

swisskyrepo / SSRFmap

Improve this page

Add this topic to your repo

May	JUN	Jul
	25
2021	2022	2023