fr34k8 / awesome-pentestView external linksLinks
A collection of awesome penetration testing resources, tools and other shiny things
☆17Jan 25, 2026Updated 3 weeks ago
Alternatives and similar repositories for awesome-pentest
Users that are interested in awesome-pentest are comparing it to the libraries listed below
Sorting:
- Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQL…☆62May 4, 2017Updated 8 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆37Nov 8, 2017Updated 8 years ago
- Penetration Testing Methodology - short notes☆11May 30, 2015Updated 10 years ago
- List of special metadata IPs used in cloud services☆11Aug 9, 2019Updated 6 years ago
- All the information provided on this site is for educational purposes only.☆18Feb 27, 2024Updated last year
- Password Lists for penetration testing, sorted by language.☆13Nov 23, 2017Updated 8 years ago
- Bug Bounty Clipboard☆17Nov 6, 2019Updated 6 years ago
- Collection of content discovery wordlists in one wordlist.☆38Jan 18, 2022Updated 4 years ago
- Enumerate AWS S3 buckets using different permutations☆17Jan 28, 2022Updated 4 years ago
- Docker Pentest Lists are collection of Dockerfiles or Links to Dockerfiles for containers used in Penetration Tests☆21May 1, 2017Updated 8 years ago
- This little script for gathering chaos.projectdiscovery.io recon data in an organized way and finding the daily differences on it☆18Aug 9, 2020Updated 5 years ago
- Wordlist to get files/ folders listed by the app that may expose passwords, sensitive file or folders☆22Jul 10, 2020Updated 5 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Mar 1, 2019Updated 6 years ago
- Tool for test XSS vulnerabilities of a site☆18Apr 1, 2018Updated 7 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Feb 2, 2019Updated 7 years ago
- ☆27Dec 5, 2019Updated 6 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Sep 24, 2019Updated 6 years ago
- A list to discover work of red team tooling and methodology for penetration testing and security assessment☆77Mar 8, 2019Updated 6 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Jan 22, 2018Updated 8 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- ffmpeg exploitation tool☆28Aug 3, 2016Updated 9 years ago
- Easy Fast recon script☆30Sep 15, 2019Updated 6 years ago
- Learning Penetration Testing of Android Applications☆80Aug 5, 2017Updated 8 years ago
- Collection of tips, tools and tutorials around infosec☆29May 18, 2017Updated 8 years ago
- Monitoring for leaks of sensitive information in git repositories☆43Dec 18, 2023Updated 2 years ago
- Tips for Penetration Testing☆137Aug 11, 2023Updated 2 years ago
- Subdomain Enumeration Wordlist. 8956437 unique words. Updated.☆75May 23, 2020Updated 5 years ago
- A small utility to generate a word security report by using a knowledge base(XLSX).☆12Nov 25, 2023Updated 2 years ago
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic☆12May 4, 2021Updated 4 years ago
- This tool is uses for SQLI+LFI+XSS+LFI+RCE Dorking and finding vulnerable sites.☆31Feb 19, 2019Updated 6 years ago
- Scans a list of websites for Cloudfront or S3 Buckets☆110Oct 28, 2025Updated 3 months ago
- ☆42Jul 16, 2018Updated 7 years ago
- Portfolio website.☆10Nov 29, 2023Updated 2 years ago
- Automate Recon process using Shell Scripting☆11Nov 26, 2021Updated 4 years ago
- Pour découvrir le Gherkin, rien de tel que de le modéliser et de mettre les yeux dans le code !☆12Mar 14, 2021Updated 4 years ago
- Ready made ducky scripts to use in nethunter Duckhunter HID attack to perform bad usb attack right at your fingertips.☆10Nov 25, 2025Updated 2 months ago
- Pivot into private VPC networks using a VPN connection☆43Oct 8, 2019Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Mar 15, 2021Updated 4 years ago
- Recon_profile☆38May 18, 2020Updated 5 years ago