Penetration Testing
Pentesting tools and CTF writeups
Showing 381-400 of 603 projects
jseidl/GoldenEye
A Python-based DDoS testing tool that can perform Layer 7 attacks using KeepAlive+NoCache techniques.
Lucifer1993/AngelSword
A Python framework for detecting vulnerabilities in content management systems (CMS).
SySS-Research/Seth
A Python-based proof-of-concept tool to perform a MitM attack and extract clear text credentials from RDP connections.
D4Vinci/Dr0p1t-Framework
A framework for creating stealthy malware droppers that bypass antivirus software
I-Am-Jakoby/PowerShell-for-Hackers
A collection of PowerShell functions for hackers and penetration testers.
Berkanktk/CyberSecurity
A collection of essential cybersecurity resources and tools for security researchers and pentesters.
faizann24/wifi-bruteforcer-fsecurify
An Android app that can brute force WiFi passwords without requiring a rooted device.
skyw4tch3r/RootKits-List-Download
This repository provides a comprehensive list of rootkits for security research and penetration testing.
0x09AL/RdpThief
A C++ tool for extracting clear text passwords from the Windows Remote Desktop Protocol (RDP) client.
assetnote/nowafpls
A Burp Suite plugin to bypass WAFs by inserting junk data into requests.
inguardians/peirates
Peirates is a Kubernetes Penetration Testing tool written in Go for security research and vulnerability assessment.
epsylon/xsser
An automatic framework to detect, exploit and report XSS vulnerabilities in web applications.
Lucifer1993/struts-scan
A Python2 tool for detecting and exploiting Struts2 vulnerabilities across all versions.
t3l3machus/psudohash
Generates millions of password mutations in seconds for penetration testing and security research.
Raikia/FiercePhish
FiercePhish is a full-fledged phishing framework to manage phishing engagements and campaigns.
vladko312/SSTImap
An automatic SSTI detection tool with an interactive interface for penetration testing and security research.
initstring/passphrase-wordlist
A Python library for generating password wordlists and hashcat rules for offline password cracking
Ha3MrX/InstaBrute
This is a shell script for brute-forcing Instagram account passwords, not a developer tool for vibe coders.
Clats97/ClatScope
ClatScope is a powerful OSINT tool for investigators, penetration testers, and researchers to retrieve geolocation, DNS, WHOIS, phone, email, and data breach information.
pushsecurity/saas-attacks
A collection of SaaS attack techniques to help defenders understand the threats they face.
Stay in the loop
Get weekly updates on trending AI coding tools and projects.