Penetration Testing
Pentesting tools and CTF writeups
Showing 521-540 of 602 projects
deepzec/Bad-Pdf
This Python project allows stealing Net-NTLM hashes using a vulnerable PDF document, used for security research.
Quitten/Autorize
Autorize is an extension for Burp Suite that automates authorization enforcement detection to ease security testing.
CERT-Polska/Artemis
A modular, open-source vulnerability scanner with automatic report generation capabilities.
loseys/BlackMamba
A Python-based C2/post-exploitation framework for offensive security and penetration testing
shr3ddersec/Shr3dKit
A collection of red team tools and scripts for security research and penetration testing.
noobpk/frida-ios-hook
A tool that helps developers easily trace classes, functions, and modify method return values on iOS platforms.
NH-RED-TEAM/RustHound
An Active Directory data ingestor for BloodHound Legacy written in Rust, focused on security research and penetration testing.
wddadk/Offensive-OSINT-Tools
This is a collection of OSINT and penetration testing tools for security researchers and red teams.
mbrg/power-pwn
An offensive/defensive security toolset for discovering, reconning, and ethically assessing AI agents.
GreatSCT/GreatSCT
An open-source tool to generate application whitelist bypasses for red and blue team use.
xploitstech/Xteam
This is a collection of hacking tools for Android, Instagram, and wifi, not a developer discovery platform.
S1ckB0y1337/Cobalt-Strike-CheatSheet
This repository provides a cheatsheet for the Cobalt Strike penetration testing framework, useful for red team operations.
NYAN-x-CAT/Lime-RAT
LimeRAT is a simple yet powerful remote administration tool for Windows, commonly used for malicious purposes.
pgaijin66/XSS-Payloads
This repository provides a collection of advanced XSS payloads for penetration testing and security research.
vesche/scanless
An online port scan scraper written in Python for penetration testing and security research.
JoelGMSec/AutoRDPwn
A PowerShell framework for attacking RDP sessions and lateral movement in Windows environments.
CyberSecurityUP/Cloud-Security-Attacks
A repository providing examples and tools for conducting security assessments on Azure and AWS cloud environments.
JoelGMSec/EvilnoVNC
A ready-to-go phishing platform built with JavaScript for malicious social engineering attacks.
Zeyad-Azima/Offensive-Resources
A large collection of learning resources and labs for offensive security enthusiasts and professionals.
Viralmaniar/I-See-You
An OSINT tool for location tracking and social engineering attacks.
Stay in the loop
Get weekly updates on trending AI coding tools and projects.