Penetration Testing
Pentesting tools and CTF writeups
Showing 401-420 of 603 projects
7kbstorm/7kbscan-WebPathBrute
A web path brute force tool for developers looking to identify hidden directories and files on web servers.
Jayy001/Search-That-Hash
A Python tool that searches various hash APIs to quickly crack hashes and integrates with HashCat for advanced cracking.
random-robbie/bruteforce-lists
A collection of wordlists and tools for bruteforcing and penetration testing purposes.
m4ll0k/Atlas
A Python tool that provides quick suggestions for SQLMap tampering techniques to bypass SQL injection defenses.
nikitastupin/clairvoyance
A Python tool to obtain GraphQL API schemas even when introspection is disabled, useful for security testing.
NytroRST/NetRipper
NetRipper is a PowerShell tool for penetration testing that allows smart traffic sniffing.
INotGreen/XiebroC2
A Go-based C2 tool for penetration testing with Lua plugin support, domain fronting, and remote file/process management.
4lbH4cker/ALHacking
This is an Albanian hacking tool with various functionalities for ethical hacking and information gathering.
shuanx/BurpAPIFinder
This Java plugin helps discover unauthorized/sensitive information/privilege escalation vulnerabilities in web applications during security testing.
zinja-coder/jadx-ai-mcp
A Java plugin for JADX that integrates the MCP (Model Context Protocol) server for reverse engineering and pentesting
vavkamil/awesome-vulnerable-apps
An awesome curated list of vulnerable web applications for security researchers and bug bounty hunters.
BiZken/PhishMailer
This Python project generates professional phishing emails for social engineering and hacking purposes.
hahwul/XSpear
A powerful XSS scanning and parameter analysis tool written in Ruby for bug bounty and penetration testing.
adon90/pentest_compilation
A compilation of commands, tips, and scripts for penetration testing and security research.
vxunderground/VXUG-Papers
This repository contains research code and papers from members of the vx-underground community, focused on malware development and research.
urbanadventurer/username-anarchy
This is a collection of tools for penetration testing and OSINT, not a vibe coder platform.
stampery/mongoaudit
A powerful MongoDB auditing and penetration testing tool for developers.
hmaverickadams/TCM-Security-Sample-Pentest-Report
This is a sample penetration testing report provided by TCM Security, not a developer discovery platform.
f0ng/autoDecoder
A Burp Suite plugin that enables custom data processing like encryption/decryption and brute-force attacks.
NHAS/reverse_ssh
A reverse shell written in Go that allows remote access and control over an SSH connection.
Stay in the loop
Get weekly updates on trending AI coding tools and projects.