The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 pentest-tool Open-Source Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. (by projectdiscovery)
-
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
-
PhoneSploit-Pro
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
-
CloudFlair
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
-
SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
-
pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE) (by cytopia)
-
evillimiter
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
I am new to Python. With the help of several users (thanks u/Diapolo10 and u/shiftybyte)I've been able to install Python and the dirsearch package. Dirsearch (https://github.com/maurosoria/dirsearch) allows for checking website paths with a wordlist. For example, I have a wordlist file with words like "dog", "cat", "bird", etc and I want to check the validity of those words as extensions on a website. Something like "example.com/bird", "example.com/cat", etc. I have a test wordlist in the same directory as dirsearch, but I am confused on how to proceed with the commands. I want to have it check my wordlist as extensions on the example.com website and then save output on if the webpath is valid or not. Just need a little bit of help.
Nice tool, only unfortunate name, consider changing it. Already very well know security tool named hydra https://github.com/vanhauser-thc/thc-hydra been around since 2001. Then facebook went ahead and named their config tool hydra https://github.com/facebookresearch/hydra on top of it. Like we get it, hydra popular mythology but we could use more original naming for tools
Project mention: HTTP toolkit that allows running multiple probes | news.ycombinator.com | 2024-04-02
I learned about chisel in PEN-200 / preparing for the OSCP.
Then I learned about, Ligolo-ng [1] which is a game-changer. I highly recommend checking it out. It is most applicable to a penetration test. It uses TLS so I'm not sure it could be used to address the issue mentioned in the article.
[1] https://github.com/nicocha30/ligolo-ng
pentest-tool related posts
- HTTP toolkit that allows running multiple probes
- Burp HTTP history browser (BHHB)
- Help
- Windows scheduled task PE
- osmedeus - workflow engine for network osint
- Surface management tools
- Do I have to use a VM with openVPN?
-
A note from our sponsor - WorkOS
workos.com | 23 Apr 2024
Index
What are some of the best open-source pentest-tool projects? This list will help you:
Project | Stars | |
---|---|---|
1 | dirsearch | 11,213 |
2 | HackBrowserData | 9,947 |
3 | thc-hydra | 8,997 |
4 | OneForAll | 7,676 |
5 | Sn1per | 7,501 |
6 | httpx | 6,803 |
7 | scan4all | 5,231 |
8 | reconftw | 5,231 |
9 | osmedeus | 5,069 |
10 | PhoneSploit-Pro | 4,165 |
11 | lscript | 3,844 |
12 | WinPwn | 3,177 |
13 | kb | 3,090 |
14 | Raccoon | 2,993 |
15 | PrivescCheck | 2,603 |
16 | Stowaway | 2,415 |
17 | CloudFlair | 2,388 |
18 | ligolo-ng | 2,112 |
19 | SUDO_KILLER | 2,092 |
20 | pwncat | 1,696 |
21 | PrintSpoofer | 1,690 |
22 | odat | 1,553 |
23 | evillimiter | 1,478 |
Sponsored