A list of awesome penetration testing tools and resources.
☆84Oct 19, 2023Updated 2 years ago
Alternatives and similar repositories for Awesome-Pentest
Users that are interested in Awesome-Pentest are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Progress of learning kernel development☆14Nov 20, 2022Updated 3 years ago
- A collection of my presentation materials.☆17Apr 29, 2024Updated 2 years ago
- create a "simulated internet" cyber range environment☆19Mar 31, 2026Updated 2 months ago
- Unify your OAST provider management and consolidate all interactions into a single, streamlined workflow.☆23May 23, 2026Updated 3 weeks ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org☆138Nov 9, 2022Updated 3 years ago
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆40Jul 23, 2025Updated 10 months ago
- GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments☆90Jun 22, 2024Updated last year
- Tips, Tricks, and Scripts for Linux Post Exploitation☆37Mar 13, 2023Updated 3 years ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- A bash tool used to install famous bug bounty tools. Mainly used when setting up a fresh environment.☆16Mar 20, 2023Updated 3 years ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆25Aug 5, 2025Updated 10 months ago
- A folder to serve tools from during PT/Red Team engagements. Contains common executables and scripts for privesc, recon, pivoting and CVE…☆15Mar 15, 2024Updated 2 years ago
- An open-source process injection enumeration tool written in C#☆174Dec 16, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Subdomain crawler with wordlist using python☆15Mar 22, 2020Updated 6 years ago
- A Azure Exploitation Toolkit for Red Team & Pentesters☆169May 6, 2023Updated 3 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆118Sep 30, 2024Updated last year
- SANS Workshop: Active Directory Privilege Escalation with Empire!☆37Nov 12, 2025Updated 7 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆41Oct 29, 2024Updated last year
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- Turning Your Computer Into a GPS Tracker With Apple Maps☆18Feb 6, 2024Updated 2 years ago
- Aggressor script add-in for CobaltStrike to track file uploads☆48Nov 7, 2022Updated 3 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆53Jul 25, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated 2 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆28Jul 4, 2024Updated last year
- ☆76Jun 5, 2021Updated 5 years ago
- ☆98Apr 14, 2026Updated 2 months ago
- A python package that helps with analysis of MSI files☆14Mar 28, 2021Updated 5 years ago
- Tool to perform differential fault analysis attack (DFA) on whiteboxes with external encodings.☆16Feb 10, 2023Updated 3 years ago
- ☆21May 8, 2022Updated 4 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆86Jan 6, 2023Updated 3 years ago
- ☆28Jan 6, 2024Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Bypass Malware Sandbox Evasion Ram check☆140Jan 3, 2023Updated 3 years ago
- a tiny program to consume from ETW providers for research☆55Jan 4, 2025Updated last year
- Buggyapp is an vulnerable android application. This app can be used by pentesters, security researchers to practice Android application p…☆13Jun 4, 2022Updated 4 years ago
- A web front-end for password cracking and analytics☆394Jun 8, 2026Updated last week
- ☆34Jul 6, 2024Updated last year
- Converts JBoss/Wildfly management users properties file to hashcat format compatible with mode 20☆12Apr 26, 2020Updated 6 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆391Jul 30, 2024Updated last year