A list of awesome penetration testing tools and resources.
☆84Oct 19, 2023Updated 2 years ago
Alternatives and similar repositories for Awesome-Pentest
Users that are interested in Awesome-Pentest are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Progress of learning kernel development☆14Nov 20, 2022Updated 3 years ago
- A collection of my presentation materials.☆17Apr 29, 2024Updated 2 years ago
- create a "simulated internet" cyber range environment☆18Mar 31, 2026Updated 3 weeks ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org☆123Nov 9, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆40Jul 23, 2025Updated 9 months ago
- GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments☆90Jun 22, 2024Updated last year
- Tips, Tricks, and Scripts for Linux Post Exploitation☆37Mar 13, 2023Updated 3 years ago
- A bash tool used to install famous bug bounty tools. Mainly used when setting up a fresh environment.☆16Mar 20, 2023Updated 3 years ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- A folder to serve tools from during PT/Red Team engagements. Contains common executables and scripts for privesc, recon, pivoting and CVE…☆15Mar 15, 2024Updated 2 years ago
- An open-source process injection enumeration tool written in C#☆174Dec 16, 2022Updated 3 years ago
- Subdomain crawler with wordlist using python☆14Mar 22, 2020Updated 6 years ago
- A Azure Exploitation Toolkit for Red Team & Pentesters☆169May 6, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆118Sep 30, 2024Updated last year
- SANS Workshop: Active Directory Privilege Escalation with Empire!☆37Nov 12, 2025Updated 5 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆41Oct 29, 2024Updated last year
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- Turning Your Computer Into a GPS Tracker With Apple Maps☆18Feb 6, 2024Updated 2 years ago
- Aggressor script add-in for CobaltStrike to track file uploads☆48Nov 7, 2022Updated 3 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆53Jul 25, 2023Updated 2 years ago
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated 2 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Jul 4, 2024Updated last year
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- ☆98Apr 14, 2026Updated 2 weeks ago
- A python package that helps with analysis of MSI files☆14Mar 28, 2021Updated 5 years ago
- ☆21May 8, 2022Updated 3 years ago
- Tool to perform differential fault analysis attack (DFA) on whiteboxes with external encodings.☆16Feb 10, 2023Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆86Jan 6, 2023Updated 3 years ago
- ☆28Jan 6, 2024Updated 2 years ago
- Bypass Malware Sandbox Evasion Ram check☆139Jan 3, 2023Updated 3 years ago
- a tiny program to consume from ETW providers for research☆56Jan 4, 2025Updated last year
- Buggyapp is an vulnerable android application. This app can be used by pentesters, security researchers to practice Android application p…☆13Jun 4, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A web front-end for password cracking and analytics☆391Feb 17, 2026Updated 2 months ago
- ☆34Jul 6, 2024Updated last year
- Converts JBoss/Wildfly management users properties file to hashcat format compatible with mode 20☆12Apr 26, 2020Updated 6 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆389Jul 30, 2024Updated last year
- Azure and AWS Attacks☆1,118Nov 25, 2022Updated 3 years ago
- tool for generating wordlists or extending an existing one using mutations.☆390Feb 1, 2026Updated 2 months ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆36Dec 1, 2025Updated 4 months ago