458 skills found · Page 1 of 16
danielmiessler / SecListsSecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
MobSF / Mobile Security Framework MobSFMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
ReversecLabs / DrozerThe Leading Security Assessment Framework for Android.
chipsec / ChipsecPlatform Security Assessment Framework
Syslifters / SysreptorA customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
sevagas / Macro Packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
salesforce / CloudsplainingCloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
webpwnized / MutillidaeOWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
mbrg / Power PwnAn offensive/defense security toolset for discovery, recon and ethical assessment of AI Agents
AlephNullSK / DnsgenDNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discovery and security assessments.
nsacyber / GRASSMARLINProvides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber
reconmap / ReconmapReconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.
dsopas / MindAPIOrganize your API security assessment by using MindAPI. It's free and open for community collaboration.
usnistgov / OSCALOpen Security Controls Assessment Language (OSCAL)
securing / GattackerA Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks
yashab-cyber / HackGptHackGPT Enterprise is a production-ready, cloud-native AI-powered penetration testing platform designed for enterprise security teams. It combines advanced AI, machine learning, microservices architecture, and comprehensive security frameworks to deliver professional-grade cybersecurity assessments.
spyboy-productions / CamXploitSecurity reconnaissance and assessment tool for identifying potentially exposed IP cameras by analyzing open ports, service configurations, and common misconfigurations.
dsopas / Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Tencent / HaboMalHunterHaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
olacabs / JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
