Hack-with-Github / Awesome-Hacking

Star

A collection of various awesome lists for hackers, pentesters and security researchers

android security awesome reverse-engineering pentesting-windows hacking penetration-testing bug-bounty fuzzing

Updated Oct 4, 2020

swisskyrepo / PayloadsAllTheThings

Star

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

security hacking web-application cheatsheet enumeration penetration-testing bounty vulnerability methodology bugbounty pentest bypass payload payloads hacktoberfest privilege-escalation redteam

Updated Nov 24, 2020
Python

vitalysim / Awesome-Hacking-Resources

Star

A collection of hacking / penetration testing resources to make you better!

exploit reverse-engineering malware mitm hacking owasp penetration-testing ctf privilege-escalation buffer-overflow windows-privilege-escalation privilege-escalation-linux

Updated Nov 11, 2020

The-Art-of-Hacking / h4cker

Star

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

training exploit hackers hacking cybersecurity penetration-testing exploits vulnerability awesome-list video-course hacker vulnerability-management vulnerability-identification vulnerability-scanners vulnerability-assessment ethical-hacking awesome-lists exploit-development ethicalhacking hacking-series

Updated Nov 25, 2020
Python

qazbnm456 / awesome-web-security

Sponsor Star

🐶 A curated list of Web Security materials and resources.

security list awesome web penetration-testing awesome-list websecurity

Updated Nov 3, 2020

guardicore / monkey

Star

Infection Monkey - An automated pentest tool

penetration-testing security-automation security-tools infection-monkey

Updated Nov 24, 2020
Python

maurosoria / dirsearch

Star

Web path scanner

python security hacking bruteforce wordlist penetration-testing brute-force bug-bounty fuzzing infosec pentesting fuzzer brute appsec hacking-tool dirsearch dirbuster scanner-web bruteforcer

Updated Nov 25, 2020
Python

samratashok / nishang

Star

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

security powershell hacking activedirectory penetration-testing infosec powershell-script red-team nishang redteam

Updated Nov 2, 2020
PowerShell

vanhauser-thc / thc-hydra

Star

Open

Hydra not decoding ^USER^ and ^PASS^ when passed as HTTP Headers

6

jhertz commented Apr 17, 2020

Hi All,

So I'm trying to use hydra to bruteforce a login on a system that uses custom http headers to receive the username and password. Hydra does not seem to be doing substitution of ^USER^ and ^PASS^ when used as HTTP headers. If I issue issuing a call to hydra like this:

hydra "http-post://0.0.0.0:8000/:H=username\:^USER^:H=password\:^PASS^" -l admin -p admin

I see the following r

Unknown GET Requests

2

Open

Feature Request - use pkgconfig to detect build dependencies

5

sundowndev / hacker-roadmap

Star

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

roadmap hacking penetration-testing post-exploitation vulnerabilities pentest exploitation hacking-tool frameworks information-gathering web-hacking hacktools

Updated Oct 19, 2020

fireeye / commando-vm

Star

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com

windows penetration-testing red-teaming fireeye-flare

Updated Oct 20, 2020
PowerShell

rmusser01 / Infosec_Reference

Star

An Information Security Reference That Doesn't Suck

windows linux osx reverse-engineering hacking forensics penetration-testing infosec pentesting references information-security privilege-escalation exfiltration infosec-reference red-team blueteam hacking-simulator privilege-escalation-exploits mitre-attack-db

Updated Nov 8, 2020

onlurking / awesome-infosec

Star

A curated list of awesome infosec courses and training resources.

security awesome lab penetration-testing courses infosec pentest security-professionals

Updated Oct 1, 2020

infoslack / awesome-web-hacking

Star

A list of web application security

scanner hacking penetration-testing web-security vulnerabilities metasploit web-hacking hacking-tools

Updated Oct 4, 2020

OlivierLaflamme / Cheatsheet-God

Star

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

security awesome hacking cheatsheet penetration-testing penetration pentesting security-vulnerability information-security refresher hacking-tool oscp5 howto-tutorial security-tools oscp penetration-test oscp-journey hacking-code oscp-tools cheatsheet-god

Updated Sep 6, 2020

infobyte / faraday

Star

Collaborative Penetration Test and Vulnerability Management Platform

security devops chatops security-audit collaboration orchestration nmap penetration-testing vulnerability infosec pentesting collaborative cve nessus vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning

Updated Sep 10, 2020
JavaScript

Arachni / arachni

Star

Web Application Security Scanner Framework

javascript ruby crawler security-audit modular hack dom analysis scanner detection hacking xss audit web-application penetration-testing sql-injection vulnerability-detection arachni scanners

Updated Jan 28, 2020
Ruby

j3ssie / Osmedeus

Star

Fully automated offensive security framework for reconnaissance and vulnerability scanning

osint hacking subdomain penetration-testing bugbounty scanning hacking-tool information-gathering security-tools reconnaissance pentest-tool osmedeus

Updated Nov 8, 2020
Python

urbanadventurer / WhatWeb

Star

Next generation web scanner

Updated Nov 4, 2020
Ruby

Hack-with-Github / Free-Security-eBooks

Star

Free Security and Hacking eBooks

security hacking forensics penetration-testing ebooks kali-linux cyber-security cloud-security hacking-ebooks hackers-handbook

Updated Jul 10, 2019

yeahhub / Hacking-Security-Ebooks

Star

Top 100 Hacking & Security E-Books (Free Download)

security books hacking penetration-testing ebooks kali-linux hacking-security-ebooks

Updated Sep 30, 2020

arismelachroinos / lscript

Star

The LAZY script will make your life easier, and of course faster.

shortcut penetration-testing shell-script pentesting wifiphisher wpa-cracker kali-linux bypass-av metasploit-framework payload pixie-dust bypass-antivirus wifi-password wpa2-handshake antivirus-evasion payload-generator sqlinjection pentest-tool wifi-testing eternalblue-doublepulsar-metasploit kali-scripts

Updated Nov 25, 2020
Shell

Mr-xn / Penetration_Testing_POC

Star

渗透测试有关的POC、EXP、脚本、提权、小工具等，欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

cms xss penetration-testing poc rce csrf cve bypass thinkphp authentication-bypass getshell penetration-testing-poc csrf-webshell sql-poc poc-exp oa-getshell cve-cms php-bypass sql-getshell

Updated Nov 24, 2020
PowerShell

Ullaakut / cameradar

Sponsor Star

Open

Support for creating new scanner with route array/string and not dictionary path

1

someshkoli commented Oct 23, 2020

Context

Please select one:

I use the docker image ullaakut/cameradar
I use my own build of the docker image
I use the pre-compiled binary
I use my own build of the binary
None of the above / I don't know

Please select one:

I use a specific version:
I use the latest commit of the master branch
I use the latest comm

Export found streams in M3U format for VLC import

1

Open

Translate documentation to Chinese & Russian

Find more good first issues →

coreb1t / awesome-pentest-cheat-sheets

Star

Collection of the cheat sheets useful for pentesting

security awesome cheatsheet penetration-testing pentest security-cheat-sheets pentest-cheat-sheets

Updated Aug 30, 2020

leebaird / discover

Star

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

bash osint nmap penetration-testing recon scanning kali-linux red-team information-gathering metasploit payload-generator reconnaissance

Updated Nov 25, 2020
PowerShell

jakejarvis / awesome-shodan-queries

Star

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

iot security awesome cloud shodan hacking internet-of-things penetration-testing infosec awesome-list pentesting security-scanner security-tools dorks network-infrastructure shodan-dorks

Updated Aug 7, 2020

OWASP / wstg

Star

Open

ATHN-02 Testing for Default Credentials

ThunderSon commented Sep 12, 2020

What's the issue?
Overwritten test scenario, can be summarized and link to payload lists from other repos

How do we solve it?
Chop down the content to the required and needed information, link to payload lists instead of enumerating all possible usernames and passwords, provide further guidance on how to test.

If no one is up to handle it, I can take care of it

ATHN-01 Can be removed and replaced by the Crypto Tests

Open

Status Tab in WSTG Checklist

1

Find more good first issues →

scipag / vulscan

Star

Advanced vulnerability scanning with Nmap NSE

security security-audit lua exploit lua-script nmap penetration-testing vulnerability vulnerability-databases vulnerability-detection nse vulnerability-identification vulnerability-scanners security-scanner vulnerability-assessment nmap-scripts nsescript nmap-scan-script vulnerability-scanning vulnerability-database-entry

Updated May 22, 2020
Lua

RhinoSecurityLabs / pacu

Star

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

python aws security penetration-testing aws-security

Updated Nov 12, 2020
Python

Oct	NOV	Dec
	25
2019	2020	2021

penetration-testing

Here are 840 public repositories matching this topic...

Hack-with-Github / Awesome-Hacking

swisskyrepo / PayloadsAllTheThings

vitalysim / Awesome-Hacking-Resources

The-Art-of-Hacking / h4cker

qazbnm456 / awesome-web-security

guardicore / monkey

maurosoria / dirsearch

samratashok / nishang

vanhauser-thc / thc-hydra

sundowndev / hacker-roadmap

fireeye / commando-vm

rmusser01 / Infosec_Reference

onlurking / awesome-infosec

infoslack / awesome-web-hacking

OlivierLaflamme / Cheatsheet-God

infobyte / faraday

Arachni / arachni

j3ssie / Osmedeus

urbanadventurer / WhatWeb

Hack-with-Github / Free-Security-eBooks

yeahhub / Hacking-Security-Ebooks

arismelachroinos / lscript

Mr-xn / Penetration_Testing_POC

Ullaakut / cameradar

Context

coreb1t / awesome-pentest-cheat-sheets

leebaird / discover

jakejarvis / awesome-shodan-queries

OWASP / wstg

scipag / vulscan

RhinoSecurityLabs / pacu

Improve this page

Add this topic to your repo

Essential cookies

Always active

Analytics cookies