Pentest Tools

The tools listed below are commonly used in penetration testing, and the tool catalog is referenced from Kali Tools, most of which are open source software. The project long-term supplementary update QAQ

TODO

Directory
Browser bookmarks
Tools Usage
Virtual machine - Windows11 Penetration Suite Toolkit

List

Information Gathering
Vulnerability Analysis
Web Applications
Database Assessment
Password Attacks
Wireless Attacks
Reverse Engineering
Exploitation Tools
Sniffing & Spoofing
Maintaining Access
Golang Sec Tools
Reporting & Collaboration
Social Engineering
Code Audit
Port Forwarding & Proxies
DevSecOps
RootKit
Pentesting Distribution
Cyber Range

Information Gathering

Domain Name

whois - Windows Whois performs the registration record for the domain name or IP address that you specify.
DNSrecon-gui - DNSrecon tool with GUI for Kali Linux
Dnsx - dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

Subdomain

subDomainsBrute - A fast sub domain brute tool for pentesters
ksubdomain - Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Sublist3r - Fast subdomains enumeration tool for penetration testers
OneForAll - 👊 OneForAll is a powerful subdomain integration tool
LayerDomainFinder - a subdomains enumeration tool by Layer
ct - Collect information tools about the target domain.
Subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Probable_subdomains - Subdomains analysis and generation tool. Reveal the hidden!
- domains - Generate subdomains and wordlists Online.
MassDNS - High-performance DNS stub resolver targeting those who seek to resolve a massive amount of domain names in the order of millions or even billions.
altdns - Altdns takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of.
dnscan - Fast and lightweight dns bruteforcer with built-in wordlist and zone transfer checks.

Google Hacking

GHDB - Google Hack Database
SearchDiggity - SearchDiggity 3.1 is the primary attack tool of the Google Hacking Diggity Project
Katana - A Python Tool For google Hacking
GooFuzz - GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
Pagodo - pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching .
Google-Dorks - Useful Google Dorks for WebSecurity and Bug Bounty

Github

GitHacker - 🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind.
GitGraber - gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data in real time for different online services.
GitMiner - Tool for advanced mining for content on Github.
Gitrob - Reconnaissance tool for GitHub organizations.
GitGot Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
GitDump - A pentesting tool that dumps the source code from .git even when the directory traversal is disabled

SVN

svnExploit - Support for SVN source code disclosure of full version and Dump it.
SvnHack - SvnHack is a SVN folder disclosure exploit. 🔒

Port Scan

Nmap | Zenmap - Free and open source utility for network discovery and security auditing
Masscan - TCP port scanner, spews SYN packets asynchronously
Ports - Common service ports and exploitations
Goby - Attack surface mapping
- Gobyu-POC - The POC of Goby .
Goscan - Interactive Network Scanner
NimScan - 🚀 Fast Port Scanner 🚀
RustScan - 🤖 The Modern Port Scanner 🤖
TXPortMap - Port Scanner & Banner Identify From TianXiang
Scaninfo - fast scan for redtools
SX - 🖖 Fast, modern, easy-to-use network scanner
Yujianportscan A Fast Port Scanner GUI Tools Build by VB.NET + IOCP
Naabu - A fast port scanner written in go with a focus on reliability and simplicity.

OSINT

theHarvester- E-mails, subdomains and names Harvester - OSINT
SpiderFoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Recon-ng - Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
FOCA - Tool to find metadata and hidden information in the documents.
Amass - In-depth Attack Surface Mapping and Asset Discovery
Censys-subdomain-finder - Perform subdomain enumeration using the certificate transparency logs from Censys.
EmailHarvester - Email addresses harvester
Finalrecon - The Last Web Recon Tool You'll Need.
LittleBrother - Information gathering (OSINT) on a person (EU)
Octosuite - Advanced Github OSINT Framework
Kunyu - Kunyu, more efficient corporate asset collection
Glass - OSINT Framework with Fofa/ZoomEye/Shodan/360 API
BBOT - OSINT automation for hackers.
octosuite - Advanced Github OSINT Framework
GHunt - 🕵️‍♂️ Offensive Google framework.

Phishing

gophish - Open-Source Phishing Toolkit
AdvPhishing - This is Advance Phishing Tool ! OTP PHISHING
SocialFish - Educational Phishing Tool & Information Collector
Zphisher - An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Nexphisher - Advanced Phishing tool for Linux & Termux

Vulnerability Analysis

Fuzzing

httpX -httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Vulnerability Scanner

Struts-Scan - Struts2 vulnerability detection and utilization tools
Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items
W3af - Web application attack and audit framework, the open source web vulnerability scanner
Openvas - The world's most advanced Open Source vulnerability scanner and manager
- Openvas Docker
Archery - Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities
Taipan - Web application vulnerability scanner
Arachni - Web Application Security Scanner Framework
Nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
Xray - A passive-vulnerability-scanner Tool.
Super-Xray - Web Vulnerability Scanner XRAY GUI Starter
SiteScan - AllinOne Website Information Gathering Tools for pentest.
Banli - High-risk asset identification and high-risk vulnerability scanner.
vscan - Open Source Vulnerability Scanner.
Wapiti - Web vulnerability scanner written in Python3.
Scaninfo - fast scan for redtools
osv-scanner - Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Afrog - A Vulnerability Scanning Tools For Penetration Testing
OpalOPC - A vulnerability and misconfiguration scanner for OPC UA applications

Web Applications

CMS & Framwork Identification

AngelSword - CMS vulnerability detection framework 🔒
WhatWeb - Next generation web scanner
Wappalyzer - Cross-platform utility that uncovers the technologies used on websites
Whatruns - A free browser extension that helps you identify technologies used on any website at the click of a button (Just for chrome)
WhatCMS - CMS Detection and Exploit Kit based on Whatcms.org API
CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
EHole - CMS Detection for RedTeam
ObserverWard - Cross platform community web fingerprint identification tool
- FingerprintHub - The Database of ObserverWard

Online Tools

Yunsee - Online website for to find the CMS footprint
Bugscaner - A simple online fingerprint identification system that supports hundreds of cms source code recognition
WhatCMS online - CMS Detection and Exploit Kit website Whatcms.org
TideFinger - Fingerprinter Tool from TideSec Team 🔒
360finger-p - Fingerprinter Tool from 360 Team

Web Applications Proxies

Burpsuite - Burpsuite is a graphical tool for testing Web application security
ZAP One of the world’s most popular free security tools
Mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Broxy - An HTTP/HTTPS intercept proxy written in Go.
Hetty - An HTTP toolkit for security research.
Proxify - Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.

web browser extension

Hack-Tools - The all-in-one Red Team extension for Web Pentester 🛠

Web Crawlers & Directory Brute Force

Dirbrute - Multi-thread WEB directory blasting tool (with dics inside) 🔒
Dirb - DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analyzing the responses.
ffuf - Fast web fuzzer written in Go.
Dirbuster - DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.
Dirsearch - Web path scanner.
Gobuster Directory/File, DNS and VHost busting tool written in Go.
WebPathBrute - Web path Bruter.
wfuzz - Web application fuzzer
Dirmap - An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.
YJdirscan - Yujian dirscan Gui Pro

Docker Scanners

Fuxi-Scanner - open source network security vulnerability scanner, it comes with multiple functions.
Xunfeng - The patrol is a rapid emergency response and cruise scanning system for enterprise intranets.
WebMap - Nmap Web Dashboard and Reporting.
Pentest-Collaboration-Framework - Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!

Database Assessment

Enumdb - Relational database brute force and post exploitation tool for MySQL and MSSQL
MDUT - Multiple Database Utilization Tools
Sylas - Multiple Database Exploitation Tools
ODAT - Oracle Database Attacking Tool
MSDAT - Microsoft SQL Database Attacking Tool

Password Attacks

Hydra - Hydra is a parallelized login cracker which supports numerous protocols to attack
Medusa - Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer
Sparta - Network Infrastructure Penetration Testing Tool.
Hashcat - World's fastest and most advanced password recovery utility
Patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
HackBrowserDat - Decrypt passwords/cookies/history/bookmarks from the browser
John - John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs.
crowbar - brute forcing tool that can be used during penetration tests. Supports OpenVPN, RDP (with NLA), ssh and VNC.

Wordlists

wordlists - Real-world infosec wordlists, updated regularly
psudohash - Password list generator that focuses on keywords mutated by commonly used password creation patterns
wister - A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.
Rockyou - wordlists packaging for Kali Linux.
Weakpass - For any kind of bruteforce find wordlists.

Wireless Attacks

Wireless Tools

Fern Wifi cracker - Fern-Wifi-Cracker is designed to be used in testing and discovering flaws in ones own network with the aim of fixing the flaws detected
EAPHammer - EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks.
Wifite2 - Wifite is designed to use all known methods for retrieving the password of a wireless access point.
JackIt - Implementation of Bastille's MouseJack exploit. Easy entry point through wireless keyboards and mices during redteam engagement.

Reverse Engineering

Ollydbg - OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows

Exploitation Tools

Vulnerability Search

SPLOITUS - Sploitus is а convenient central place for identifying the newest exploits and finding attacks that exploit known vulnerabilities
SearchSploit - The official Exploit Database repository
Getsploit - Command line utility for searching and downloading exploits
Houndsploit - An advanced graphical search engine for Exploit-DB
OSV - Open source vulnerability DB and triage service.

Cross-site Scripting（XSS）

BeeF - The Browser Exploitation Framework Project
BlueLotus_XSSReceiver - XSS Receiver platform without SQL
XSStrike - Most advanced XSS scanner.
xssor2 - XSS'OR - Hack with JavaScript.
Xsser-Varbaek - From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Xsser-Epsylon - Cross Site "Scripter" (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.
Xenotix - An advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework
PwnXSS - PwnXSS: Vulnerability (XSS) scanner exploit
dalfox - 🌙🦊 DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility
ezXSS - ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Sql Injection

Sqlmap - Automatic SQL injection and database takeover tool
SSQLInjection - SSQLInjection is a SQL injection tool , support Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix Database.
Jsql-injection jSQL Injection is a Java application for automatic SQL database injection.
NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.
Sqlmate - A friend of SQLmap which will do what you always expected from SQLmap
SQLiScanner - Automatic SQL injection with Charles and sqlmap api
sql-injection-payload-list - 🎯 SQL Injection Payload List
Advanced-SQL-Injection-Cheatsheet - A cheat sheet that contains advanced queries for SQL Injection of all types.

Command Injection

Commix - Automated All-in-One OS command injection and exploitation tool

File Include

LFIsuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
Lfi-Space - Lfi Scan Tool
Kadimus - Kadimus is a tool to check sites to lfi vulnerability , and also exploit it
Shellfire - Exploitation shell for exploiting LFI, RFI, and command injection vulnerabilities
LFIter2 - LFIter2 Local File Include (LFI) Tool - Auto File Extractor & Username Bruteforcer
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

File Upload vulnerability

Fuxploider - File upload vulnerability scanner and exploitation tool

XML External Entity Attack（XXE）

XXEinjector - Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods
Oxml_xxe - A tool for embedding XXE/XML exploits into different filetypes

Cross-site request forgery （CSRF）

Deemon - Deemon is a tool to detect CSRF in web application

Deserialization exploit framework

Ysomap - A helpful Java Deserialization exploit framework.

Exploit Framework

POC-T - Pentest Over Concurrent Toolkit
Pocsuite3 - pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Metasploit - The world’s most used penetration testing framework
Venom - Shellcode generator/compiler/handler (metasploit)
Empire - Empire is a PowerShell and Python post-exploitation agent
Starkiller - Starkiller is a Frontend for PowerShell Empire.
Koadic - Koadic C3 COM Command & Control - JScript RAT
Viper - metasploit-framework UI manager Tools
MSFvenom-gui - gui tool to create normal payload by msfvenom
MYExploit - A GUI Tools for Scanning OA vulnerabilities

Machine Learning

DeepExploit - Fully automatic penetration test tool using Machine Learning
GyoiThon - GyoiThon is a growing penetration test tool using Machine Learning
Generator - Fully automatically generate numerous injection codes for web application assessment

Automate

AutoSploit - Automated Mass Exploiter
WinPwn - Automation for internal Windows Penetrationtest / AD-Security

Sniffing & Spoofing

WireShark - Wireshark is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems.
Cain & abel - Cain & Abel is a password recovery tool for Microsoft Operating Systems.
Responder - Responder is an LLMNR, NBT-NS and MDNS poisoner.
bettercap - ARP, DNS, NDP and DHCPv6 spoofers for MITM attacks on IPv4 and IPv6 based networks
EvilFOCA - Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks.

Maintaining Access

Shell

Goshell - Generate reverse shells in command line with Go !
Print-My-Shell - Python script wrote to automate the process of generating various reverse shells.
Reverse-shell-generator - Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
Girsh - Automatically spawn a reverse shell fully interactive for Linux or Windows victim
Blueshell - Generate a reverse shells for RedTeam
Clink - Powerful Bash-style command line editing for cmd.exe
Natpass - A new RAT Tools, Support Web VNC and Webshell
Platypus 🔨 A modern multiple reverse shell sessions manager written in go
shells - Script for generating revshells
Reverse_ssh - SSH based reverse shell
Hoaxshell - A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Listener

Netcat - Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.
Rustcat - Rustcat(rcat) - The modern Port listener and Reverse shell.
Rlwrap - A readline wrapper.
Pwncat - Fancy reverse and bind shell handler.
Powercat - netshell features all in version 2 powershell.
Socat - Socat is a flexible, multi-purpose relay tool.

Web Shell

Chopper

Tips: The tool comes from the network, no backdoor verification, please choose it on yourself......

Link: https://pan.baidu.com/s/1VnXkoQU-srSllG6JaY0nTA Password: v71d

AntSword : Document - AntSword is a cross-platform website management toolkit
CKnife - The cross platform webshell tool in java

Tips: The tool comes from the network, no backdoor verification, please choose it on yourself......

Link: https://pan.baidu.com/s/1QZrnWU7DUuJhiXl7u1kELw Password: hjrh

Behinder - dynamic binary encryption webshell management client
Godzilla - a Java tool to encrypt network traffic
Skyscorpion - Modified version of Behinder.
PyShell - Multiplatform Python WebShell.
Weevely3 - Weaponized web shell.
Bantam - A PHP backdoor management and generation tool/C2 featuring end to end encrypted payload streaming designed to bypass WAF, IDS, SIEM systems.
Awsome-Webshells - Collection of reverse shells.
php-reverse-shell - Simple php reverse shell implemented using binary.
Webshell_Generate - Generate kind of Webshells bypass AV

Privilege Escalation Auxiliary

windows-exploit-suggester - This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target
Windows-kernel-exploits - windows-kernel-exploits
linux-exploit-suggester-2 - Next-Generation Linux Kernel Exploit Suggester
Linux-kernel-exploits - linux-kernel-exploits Linux
BeRoot - Privilege Escalation Project - Windows / Linux / Mac
PE-Linux - Linux Privilege Escalation Tool By WazeHell
Portia - Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
GTFOBins - GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
LOLBAS - Living Off The Land Binaries, Scripts and Libraries.
WADComs - WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
HijackLibs - DLL Hijacking is, in the broadest sense, tricking a legitimate/trusted application into loading an arbitrary DLL.
GTFOBLookup - Offline command line lookup utility for GTFOBins、LOLBAS and WADComs.
PrintNotifyPotato - PrintNotifyPotato

C2

DeimosC2 - DeimosC2 is a Golang command and control framework for post-exploitation.
Sliver - Implant framework
PHPSploit - Full-featured C2 framework which silently persists on webserver via evil PHP oneliner 😈
Shad0w - A post exploitation framework designed to operate covertly on heavily monitored environments (Win8、Win10)
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
Emp3r0r - linux post-exploitation framework made by linux user
C3 - Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
byob - An open-source post-exploitation framework for students, researchers and developers.
Havoc - Havoc is a modern and malleable post-exploitation command and control framework.
Villain - Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.

Bypass AV

Shellcodeloader - ShellcodeLoader of windows can bypass AV.
AV_Evasion_Tool - AntiVirus Shellcode generation tool.
BypassAntiVirus - Remote control anti-kill series articles and supporting tools.
MateuszEx - Bypass AV generation tool
FourEye - AV Evasion Tool For Red Team Ops
Phantom-Evasion - Python antivirus evasion tool
Terminator - Terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
foolavc - Obscures your executable for file checks and executes it in memory.

Golang Sec Tools

Tips: Golang is a excellent cross platform language for security.

Naabu - A fast port scanner written in go with focus on reliability and simplicity.
ServerScan - A high concurrency network scanning and service detection tool developed by golang.

Reporting & Collaboration

Vulnreport - Open-source pentesting management and automation platform by Salesforce Product Security
Pentest-Collaboration-Framework - Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!
CervantesSec - Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.
Hexway Hive - Self hosted pentest collaboration, multi-source data aggregation and reporting framework with customizable templatess, methodologies and cats 🙀

Social Engineering Tools

Code Audit

Cloc - cloc counts blank lines, comment lines, and physical lines of source code in many programming languages
Cobra - Source Code Security Audit
Cobra-W - Cobra for white hat
Graudit - Grep rough audit - source code auditing tool
Rips - A static source code analyser for vulnerabilities in PHP scripts
Kunlun-M - KunLun-M is a static code analysis system that automates the detecting vulnerabilities and security issue.
Semgrep - Semgrep is a fast, open-source, static analysis engine for finding bugs, detecting vulnerabilities in third-party dependencies, and enforcing code standards.

Intranet penetration

Service Detection

Netspy - A tool to quickly detect the reachable network segments of the intranet.
Cube - Intranet penetration testing tools, weak password blasting, information collection and vulnerability scanning.

Port Forwarding & Proxies

EarthWorm - Tool for tunnel
Termite - Tool for tunnel (Version 2)
Frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet
Nps - A lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
Goproxy - A high-performance, full-featured, cross platform proxy server
ReGeorg - The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn
Neo-reGeorg - Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
Venom - A Multi-hop Proxy for Penetration Testers
Stowaway - 👻 Stowaway -- Multi-hop Proxy Tool for pentesters
rport - Manage remote systems with ease.
PortForward - The port forwarding tool developed by Golang solves the problem that the internal and external networks cannot communicate in certain scenarios.
Suo5 - A high-performance http proxy tunneling tool

DevSecOps

RootKit

Beurk - BEURK Experimental Unix RootKit
Bedevil - LD_PRELOAD Linux rootkit (x86 & ARM)

Audit Tools

DevAudit - Open-source, cross-platform, multi-purpose security auditing tool

Pentesting Distribution

Backbox Linux - penetration testing and security assessment oriented Linux distribution
Kali Linux - Debian-based pentesting distribution
BlackArch Linux - Arch Linux-based penetration testing distribution
Parrot Security - The ultimate framework for your Cyber Security operations
ArchStrike - Arch Linux respository for security professionals

Cyber Range

Vulnerability application

DVWA - Damn Vulnerable Web Application (DVWA)
WebGoat - WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons
DSVW - DSVW is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes
DVWS - Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities
XVWA - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security
BWAPP - A buggy web application whit more than 100 vulnerabilities
Sqli-lab - SQLI labs to test error based, Blind boolean based, Time based
HackMe-SQL-Injection-Challenges - Hack your friend's online MMORPG game - specific focus, sql injection opportunities
XSS-labs - Small set of scripts to practice exploit XSS and CSRF vulnerabilities
SSRF-lab - Lab for exploring SSRF vulnerabilities
SSRF_Vulnerable_Lab - This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
LFI-labs - Small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Commix-testbed - A collection of web pages, vulnerable to command injection flaws
File-Upload-Lab - Damn Vulnerable File Upload V 1.1
Upload-labs - A summary of all types of uploading vulnerabilities for you
XXE-Lab - A XXE vulnerability Demo containing language versions such as PHP, Java, python, C#, etc
Vulnerable-Flask-App - Erlik2 Vulnerable-Flask-App provided by anil-yelken.

Simulation Range

Fopnp - A Network Playground for 《Foundations of Python Network Programming》
CyberRange - The Open-Source AWS Cyber Range
Pentest-Ground - Pentest-Ground is a free playground with deliberately vulnerable web applications and network services.

Honeyhots

DecoyMini - A highly scalable, safe, free enterprise honeypots

CTF challenges

Vulnhub - VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration
TryHackMe - TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!
Hackthebox - Hack The Box is a massive, online cybersecurity training platform, allowing individuals, companies, universities and all kinds of organizations around the world to level up their hacking skills.
Root Me - Root Me allows everyone to test and improve their knowledge in computer security and hacking.
Pentestit - Penetration testing laboratories "Test lab" emulate an IT infrastructure of real companies and are created for a legal pen testing and improving penetration testing skills
Pentesterlab - Learn Web Penetration Testing: The Right Way
Cyberseclabs - At CyberSecLabs, we aim to provide secure, high-quality training services that allow information security students the opportunity to safely learn and practice penetration testing skills.
Web Security Academy - Free, online web security training from the creators of Burp Suite
Vulnmachines - A place to learn and improve penetration testing/ethical hacking skills for FREE

Excellent project

Rawsec's CyberSecurity Inventory - An inventory of tools and resources about CyberSecurity.
All-Defense-Tool - A List for Defense Tools.
Awesome-POC - A POC knowledge base of various vulnerabilities.

Name		Name	Last commit message	Last commit date
Latest commit History 467 Commits
svg		svg
Readme.md		Readme.md
logo.png		logo.png

arch3rPro/PentestTools

Folders and files

Latest commit

History

Repository files navigation