Pentesting
Showing 36 of 58 projects
An open-source penetration testing tool that automates SQL injection detection and database takeover.
A modern, fast port scanner with a scripting engine and adaptive learning, capable of scanning all 65k ports in 3 seconds.
A modern, fast port scanner with a scripting engine that can scan all 65k ports in 3 seconds.
A modern, fast port scanner that finds all 65k ports in 3 seconds and features a scripting engine for extensibility.
A curated collection of awesome software, libraries, books, and resources for cybersecurity professionals.
A curated collection of awesome software, libraries, documents, books, and resources about cybersecurity.
A comprehensive manual for mobile app security testing and reverse engineering, aligned with OWASP MASVS and MASWE.
A curated list of Capture The Flag (CTF) frameworks, libraries, resources, software, and tutorials for security enthusiasts.
A curated collection of interesting, funny, and concerning search queries for Shodan.io to find exposed devices and services.
A Python toolkit for reverse engineering, analyzing, and pentesting Android applications (APK, DEX, resources).
A comprehensive, free information security reference covering techniques, tools, tactics, and resources for learning and professional development.
A Python-based hacking tool for remotely exploiting Android devices via ADB and Metasploit to gain Meterpreter sessions.
An automated penetration testing tool that detects and exploits command injection vulnerabilities in web applications.
A curated list of bug bounty programs, write-ups, and resources for security researchers and ethical hackers.
An intentionally vulnerable Kubernetes cluster environment for hands-on security training and practice.
A comprehensive cheat sheet and tool collection for mobile application penetration testing, mapped to OWASP Mobile Top 10 risks.
A penetration testing tool that discovers and accesses RTSP video surveillance cameras through network scanning and dictionary attacks.
A security testing framework for Android that identifies vulnerabilities by interacting with apps, IPC endpoints, and the OS.
A dynamic infrastructure framework for distributing security scanning workloads across multiple cloud instances.
A high-performance offensive security tool for reconnaissance, vulnerability scanning, and information gathering.
A Windows tool for extracting metadata and hidden information from documents found on web pages and local files.
An open-source firmware security analyzer for embedded Linux devices, performing extraction, static/dynamic analysis, SBOM generation, and vulnerability reporting.
A wireless keystroke injection attack platform that emulates a USB keyboard and is managed via WiFi.
A curated list of software, hardware, books, and research for embedded and IoT security analysis.
An advanced search and automation tool for mining code and sensitive information from public GitHub repositories.
A service that provides easy-to-remember reverse shell payloads for Unix-like systems, automatically detecting available software on the target.
A multi-platform client-server tool for distributing Hashcat password cracking tasks across multiple computers.
A plug-and-play script to crack password hashes using pre-configured, empirically-tuned hashcat attacks.
An AI-powered tool that analyzes source code to discover every endpoint, exposing shadow APIs and mapping the complete attack surface for security testing.
A modular vulnerability scanner that checks website security and automatically generates easy-to-read reports for organizations.
A modular, menu-driven tool for building time-delayed, distributed security event chains for Red, Blue, and Purple Team exercises.
An intelligent wordlist generator for password profiling using permutations and statistics based on target information.
A professional-grade web security scanner for penetration testing with intelligent, context-aware scanning and proof-based vulnerability detection.
A vulnerable Android CTF application demonstrating real-world security vulnerabilities and exploitation techniques.
A curated collection of resources for security research, vulnerability discovery, and pentesting of Electron.js applications.
A curated list of Bluetooth security resources covering vulnerabilities, tools, research, and conference talks for BR/EDR, LE, and Mesh.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.