149 skills found · Page 1 of 5
dafthack / MailSniperMailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
SECFORCE / SpartaNetwork Infrastructure Penetration Testing Tool
Abacus-Group-RTO / LegionLegion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
R3dy / Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
DockerSecurityPlayground / DSPA Microservices-based framework for the study of Network Security and Penetration Test techniques
SpiderLabs / PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
RUB-NDS / WS AttackerWS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit GmbH (https://www.hackmanit.de/).
pikpikcu / Pentest Tools FrameworkPentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
priyankgada / The Complete Practical Certified Ethical Hacking Course In EnglishWelcome this comprehensive course on Ethical Hacking! This course assumes you have NO prior knowledge in hacking and by the end of it you'll be able to hack systems like black-hat hackers and secure them like security experts! This course is highly practical but it won't neglect the theory, so we'll start with ethical hacking basics and the different fields in penetration testing, installing the needed software (works on Windows, Linux and Mac OS X) and then we'll dive and start hacking systems straight away. From here onwards you'll learn everything by example, by analysing and exploiting computer systems such as networks, servers, clients, websites .....etc, so we'll never have any boring dry theoretical lectures. The course is divided into a number of sections, each section covers a penetration testing / hacking field, in each of these sections you'll first learn how the target system works, the weaknesses of this system, and how to practically exploit theses weaknesses and hack into it, not only that but you'll also learn how to secure this system from the discussed attacks. This course will take you from a beginner to a more advanced level by the time you finish, you will have knowledge about most penetration testing fields. The course is divided into four main sections: 1. Network Hacking - This section will teach you how to test the security of networks, both wired and wireless. First, you will learn some basic network terminology, how networks work, and how devices communicate with each other. Then it will branch into three sub sections: Pre-connection attacks: in this subsection you'll learn what can you do before even connecting to a network, and even before having internet access; you'll start by learning how to gather information about the networks around you, discover the devices connected to them, and how to control connections around you (ie: deny/allow devices from connecting to networks) even without knowing the password of the target network. Gaining Access: Now that you gathered information about the networks around you, in this subsection you will learn how to crack the key and get the password to your target network weather it uses WEP, WPA or even WPA2. Post Connection attacks: Now that you have the key, you can connect to the target network, in this subsection you will learn a number of powerful techniques that allow you to gather comprehensive information about the connected devices, see anything they do on the internet (such as login information, passwords, visited urls, images, videos ....etc), redirect requests, inject evil code in loaded pages and much more! All the attacks here work against both wireless and wired networks. You will also learn how to create a fake WiFi network, attract users to connect to it and use all of the above techniques against the connected clients. 2. Gaining Access - In this section you will learn two main approaches to gain full control or hack computer systems: Server Side Attacks: In this subsection you will learn how to gain full access to computer systems without the need for user interaction. You will learn how to gather useful information about a target computer system such as its operating system, open ports, installed services, then you'll learn how to use this information to discover weaknesses and vulnerabilitiesand exploit them to gain full control over the target. Finally you will learn how to generate different types of reports for your discoveries. Client Side Attacks - If the target system does not contain any weaknesses then the only way to gain access to it is by interacting with the users, in this subsection you'll learn how to get the target user to install a backdoor on their system without even realising, this is done by hijacking updatesor backdoornig downloadeds on the fly. Not only that but you'll also learn how to create trojans by backdooring normal files (such as an image or a pdf) and use social engineering to deliver this trojan to the target, to do this you'll learn how to spoof emails so they appear as if they're sent from the target's friend, boss or any email account they're likely to interact with. 3. Post Exploitation - In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, spy on the target and even use the target computer as a pivot to hack other computer systems. 4. Website / Web Application Hacking - In this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies ....etc) and how to discover and exploit the following dangerous vulnerabilities to hack into websites:
Hrishikesh7665 / Android Pentesting ChecklistDelve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skills with essential tools and user-friendly guides. Elevate Android security seamlessly!
lmco / DartDART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
tecknicaltom / Dsniffdsniff is a collection of tools for network auditing and penetration testing.
t3l3machus / Pentest PivotingA compact guide to network pivoting for penetration testings / CTF challenges.
CyberAlbSecOP / Awesome Hacking Apps For AndroidThis repository is a curated collection of penetration testing tools designed to transform your Android device into a full-fledged mobile pentesting toolkit. With the wide array of apps available, you can conduct network analysis, application vulnerability assessments, Wi-Fi cracking, and much more—all from your smartphone.
galkan / FlashlightPentesters spend too much time during information gathering phase. Flashlight (Fener) provides services to scan network/ports and gather information rapidly on target networks. So Flashlight should be the choice to automate discovery step during a penetration test. In this article, usage of Flashligh application will be explained.
Kalyan-Deva / Hacking Bug Bounty BooksCollection of Combination of 👨🏻💻Ethical Hacking, 🐧Linux, Cyber security, 💰Bug Bounty, Penetration testing, Networking and more IT Related Books that are Publicly Available.
milo2012 / PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
BishopFox / FirecatFirecat is a penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network.
ia-usgs / XenoA Python-based tool for scanning, auditing, and performing penetration tests on Wi-Fi networks and connected devices.
Packet-Batch / ProgramAn application that utilizes fast AF_XDP Linux sockets to generate and send network packets. Used for penetration testing including Denial of Service (DoS) and network monitoring. Made by @gamemann!
