A list of awesome penetration testing tools and resources.
☆84Oct 19, 2023Updated 2 years ago
Alternatives and similar repositories for Awesome-Pentest
Users that are interested in Awesome-Pentest are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Progress of learning kernel development☆14Nov 20, 2022Updated 3 years ago
- A collection of my presentation materials.☆17Apr 29, 2024Updated last year
- create a "simulated internet" cyber range environment☆18Mar 31, 2026Updated last week
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org☆123Nov 9, 2022Updated 3 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆40Jul 23, 2025Updated 8 months ago
- GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments☆90Jun 22, 2024Updated last year
- Tips, Tricks, and Scripts for Linux Post Exploitation☆38Mar 13, 2023Updated 3 years ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- A bash tool used to install famous bug bounty tools. Mainly used when setting up a fresh environment.☆16Mar 20, 2023Updated 3 years ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 8 months ago
- A folder to serve tools from during PT/Red Team engagements. Contains common executables and scripts for privesc, recon, pivoting and CVE…☆15Mar 15, 2024Updated 2 years ago
- An open-source process injection enumeration tool written in C#☆174Dec 16, 2022Updated 3 years ago
- Subdomain crawler with wordlist using python☆14Mar 22, 2020Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- A Azure Exploitation Toolkit for Red Team & Pentesters☆165May 6, 2023Updated 2 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆118Sep 30, 2024Updated last year
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Nov 19, 2020Updated 5 years ago
- SANS Workshop: Active Directory Privilege Escalation with Empire!☆37Nov 12, 2025Updated 4 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆41Oct 29, 2024Updated last year
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- Turning Your Computer Into a GPS Tracker With Apple Maps☆18Feb 6, 2024Updated 2 years ago
- Aggressor script add-in for CobaltStrike to track file uploads☆48Nov 7, 2022Updated 3 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆53Jul 25, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated last year
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Jul 4, 2024Updated last year
- ☆76Jun 5, 2021Updated 4 years ago
- ☆96Aug 3, 2025Updated 8 months ago
- A python package that helps with analysis of MSI files☆14Mar 28, 2021Updated 5 years ago
- ☆21May 8, 2022Updated 3 years ago
- Tool to perform differential fault analysis attack (DFA) on whiteboxes with external encodings.☆16Feb 10, 2023Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆85Jan 6, 2023Updated 3 years ago
- ☆28Jan 6, 2024Updated 2 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Bypass Malware Sandbox Evasion Ram check☆141Jan 3, 2023Updated 3 years ago
- Buggyapp is an vulnerable android application. This app can be used by pentesters, security researchers to practice Android application p…☆13Jun 4, 2022Updated 3 years ago
- a tiny program to consume from ETW providers for research☆55Jan 4, 2025Updated last year
- A web front-end for password cracking and analytics☆387Feb 17, 2026Updated last month
- ☆34Jul 6, 2024Updated last year
- Converts JBoss/Wildfly management users properties file to hashcat format compatible with mode 20☆12Apr 26, 2020Updated 5 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆388Jul 30, 2024Updated last year