penetration-testing

A collection of various awesome lists for hackers, pentesters and security researchers

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A collection of hacking / penetration testing resources to make you better!

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Web path scanner

🐶 A curated list of Web Security materials and resources.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Infection Monkey - An automated pentest tool

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A curated list of awesome infosec courses and training resources.

A list of web application security

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

有关渗透测试的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Next generation web scanner

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Collaborative Penetration Test and Vulnerability Management Platform

Top 100 Hacking & Security E-Books (Free Download)

Free Security and Hacking eBooks

The LAZY script will make your life easier, and of course faster.

Web Application Security Scanner Framework

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

Collection of the cheat sheets useful for pentesting

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.