Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 pentest-tool Open-Source Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. (by projectdiscovery)
-
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
-
PhoneSploit-Pro
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
-
CloudFlair
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
-
-
SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
-
pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE) (by cytopia)
-
evillimiter
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
I am new to Python. With the help of several users (thanks u/Diapolo10 and u/shiftybyte)I've been able to install Python and the dirsearch package. Dirsearch (https://github.com/maurosoria/dirsearch) allows for checking website paths with a wordlist. For example, I have a wordlist file with words like "dog", "cat", "bird", etc and I want to check the validity of those words as extensions on a website. Something like "example.com/bird", "example.com/cat", etc. I have a test wordlist in the same directory as dirsearch, but I am confused on how to proceed with the commands. I want to have it check my wordlist as extensions on the example.com website and then save output on if the webpath is valid or not. Just need a little bit of help.
Nice tool, only unfortunate name, consider changing it. Already very well know security tool named hydra https://github.com/vanhauser-thc/thc-hydra been around since 2001. Then facebook went ahead and named their config tool hydra https://github.com/facebookresearch/hydra on top of it. Like we get it, hydra popular mythology but we could use more original naming for tools
Project mention: HTTP toolkit that allows running multiple probes | news.ycombinator.com | 2024-04-02
I learned about chisel in PEN-200 / preparing for the OSCP.
Then I learned about, Ligolo-ng [1] which is a game-changer. I highly recommend checking it out. It is most applicable to a penetration test. It uses TLS so I'm not sure it could be used to address the issue mentioned in the article.
[1] https://github.com/nicocha30/ligolo-ng
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
pentest-tool related posts
- HTTP toolkit that allows running multiple probes
- Burp HTTP history browser (BHHB)
- Help
- Windows scheduled task PE
- osmedeus - workflow engine for network osint
- Surface management tools
- Do I have to use a VM with openVPN?
-
A note from our sponsor - InfluxDB
www.influxdata.com | 23 Apr 2024
Index
What are some of the best open-source pentest-tool projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | dirsearch | 11,213 |
| 2 | HackBrowserData | 9,947 |
| 3 | thc-hydra | 8,997 |
| 4 | OneForAll | 7,676 |
| 5 | Sn1per | 7,501 |
| 6 | httpx | 6,803 |
| 7 | scan4all | 5,231 |
| 8 | reconftw | 5,231 |
| 9 | osmedeus | 5,069 |
| 10 | PhoneSploit-Pro | 4,165 |
| 11 | lscript | 3,844 |
| 12 | WinPwn | 3,177 |
| 13 | kb | 3,090 |
| 14 | Raccoon | 2,993 |
| 15 | PrivescCheck | 2,603 |
| 16 | Stowaway | 2,415 |
| 17 | CloudFlair | 2,388 |
| 18 | ligolo-ng | 2,112 |
| 19 | SUDO_KILLER | 2,092 |
| 20 | pwncat | 1,696 |
| 21 | PrintSpoofer | 1,690 |
| 22 | odat | 1,553 |
| 23 | evillimiter | 1,478 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com