Collection of cheat sheets useful for pentesting
A penetration testing playbook that's suitable for CTF challenges, bug bounty hunting and red team assessments.
Personal InfoSec blog
A collection of awesome penetration testing resources, tools and other shiny things. With repository stars⭐ and forks🍴
Welcome to the SecTools repository, a curated collection of penetration testing tools designed exclusively for educational purposes. This repository aims to provide a responsible and ethical environment for learning penetration testing techniques within legal boundaries.
Automatic SSTI detection tool with interactive interface
A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims at aiding with initial access during red teams and phishing exercises leveraging WASM smuggling techniques.
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
⚡ Perform Evil Twin Attack Using NodeMCU Board
Wifi-crackerX is a tool for hacking a WPS/WPA/WPA2 Networks
SSH based reverse shell
Hawks is a simple C2 framework based on python which can handle multiple powershell agents through TCP and executed additional features.
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
The Internets #1 Subdomain Takeover Tool
Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications
Several scripts are based on the Netlas.io search engine. They will allow you to carry out the reconnaissance phase before the pen test in a semi-automatic mode: collect all the domains and IP addresses associated with the target and save the responses received after contacting these hosts in HTML format. Over time, new scripts will appear here.
📦 Make security testing of K8s, Docker, and Containerd easier.
Python script for fetching script tags without subresource integrity.
FIshShell is a multi-session handler and Windows & Linux backdoor payload generator. It allows users\targets to connect to the server (other machines running the multi-handler) after which the server admin/attacker can join sessions and also get a non-interactive reverse shell.
A repository to maintain the scripts I create for penetration testing
Add a description, image, and links to the penetration-testing-tools topic page so that developers can more easily learn about it.
To associate your repository with the penetration-testing-tools topic, visit your repo's landing page and select "manage topics."