Top 12 Python penetration-testing-tool Projects
-
Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
-
DevBrute
DevBrute is a versatile password brute forcing tool designed to tackle a wide range of Social Media accounts and Web Applications. With its robust capabilities, it's adept at breaking through various security barriers.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
aizawa
Simple command-line webshell that executes commands via the HTTP request in order to avoid any WAF or IDS while bypassing disable_function.
-
asio
All Shell In One. Generate Reverse Shells and/or generate single code that runs all the payloads. (by jackrendor)
Project mention: WebSocket security: 9 common vulnerabilities & prevention methods | dev.to | 2023-09-25Comprehensive WebSocket security testing requires a deep understanding of the WebSocket protocol and practical experience in both manual and automated security testing techniques. Open tools like STEWS can detect known WebSocket vulnerabilities while commercial security tools like Burp Suite exist to intercept and manipulate WebSocket frames with ease, however they won't catch everything. Perform manual testing and fuzzing to identify unexpected behavior or vulnerabilities that automated tools might miss.
You will have to use a tool to bruteforce. Wordlists are just passwords in a list. A bruteforcer uses the list and tries each password one by one. So in short you could use some bruteforcer like https://github.com/shivamksharma/DevBrute
Python penetration-testing-tools related posts
Index
What are some of the best open-source penetration-testing-tool projects in Python? This list will help you:
Project | Stars | |
---|---|---|
1 | Villain | 3,563 |
2 | SSTImap | 644 |
3 | Spoofy | 532 |
4 | STEWS | 286 |
5 | jwtXploiter | 257 |
6 | DevBrute | 195 |
7 | BCA-Phantom | 93 |
8 | htkit | 56 |
9 | aizawa | 49 |
10 | Deep-Inside | 24 |
11 | cerberus | 21 |
12 | asio | 11 |
Sponsored