496 skills found · Page 1 of 17
android / Testing SamplesA collection of samples demonstrating different frameworks and techniques for automated testing
A-poc / RedTeam ToolsTools and Techniques for Red Team / Penetration Testing
a0rtega / PafishPafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
nccgroup / BurpSuiteHTTPSmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
DockerSecurityPlayground / DSPA Microservices-based framework for the study of Network Security and Penetration Test techniques
Offensive-Panda / ShadowDumperShadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory.
emilyanncr / Windows Post ExploitationWindows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
SpiderLabs / PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
btakita / RrRR (Double Ruby) is a test double framework that features a rich selection of double techniques and a terse syntax.
spyboy-productions / Facad1ngOpen-source URL masking & analysis tool for security research, phishing awareness, and defensive testing. Demonstrates adversary techniques used to disguise malicious links.
upgundecha / Awesome Testing CoursesA curated list of awesome online courses and tutorials on software testing, test automation and more...
priyankgada / The Complete Practical Certified Ethical Hacking Course In EnglishWelcome this comprehensive course on Ethical Hacking! This course assumes you have NO prior knowledge in hacking and by the end of it you'll be able to hack systems like black-hat hackers and secure them like security experts! This course is highly practical but it won't neglect the theory, so we'll start with ethical hacking basics and the different fields in penetration testing, installing the needed software (works on Windows, Linux and Mac OS X) and then we'll dive and start hacking systems straight away. From here onwards you'll learn everything by example, by analysing and exploiting computer systems such as networks, servers, clients, websites .....etc, so we'll never have any boring dry theoretical lectures. The course is divided into a number of sections, each section covers a penetration testing / hacking field, in each of these sections you'll first learn how the target system works, the weaknesses of this system, and how to practically exploit theses weaknesses and hack into it, not only that but you'll also learn how to secure this system from the discussed attacks. This course will take you from a beginner to a more advanced level by the time you finish, you will have knowledge about most penetration testing fields. The course is divided into four main sections: 1. Network Hacking - This section will teach you how to test the security of networks, both wired and wireless. First, you will learn some basic network terminology, how networks work, and how devices communicate with each other. Then it will branch into three sub sections: Pre-connection attacks: in this subsection you'll learn what can you do before even connecting to a network, and even before having internet access; you'll start by learning how to gather information about the networks around you, discover the devices connected to them, and how to control connections around you (ie: deny/allow devices from connecting to networks) even without knowing the password of the target network. Gaining Access: Now that you gathered information about the networks around you, in this subsection you will learn how to crack the key and get the password to your target network weather it uses WEP, WPA or even WPA2. Post Connection attacks: Now that you have the key, you can connect to the target network, in this subsection you will learn a number of powerful techniques that allow you to gather comprehensive information about the connected devices, see anything they do on the internet (such as login information, passwords, visited urls, images, videos ....etc), redirect requests, inject evil code in loaded pages and much more! All the attacks here work against both wireless and wired networks. You will also learn how to create a fake WiFi network, attract users to connect to it and use all of the above techniques against the connected clients. 2. Gaining Access - In this section you will learn two main approaches to gain full control or hack computer systems: Server Side Attacks: In this subsection you will learn how to gain full access to computer systems without the need for user interaction. You will learn how to gather useful information about a target computer system such as its operating system, open ports, installed services, then you'll learn how to use this information to discover weaknesses and vulnerabilitiesand exploit them to gain full control over the target. Finally you will learn how to generate different types of reports for your discoveries. Client Side Attacks - If the target system does not contain any weaknesses then the only way to gain access to it is by interacting with the users, in this subsection you'll learn how to get the target user to install a backdoor on their system without even realising, this is done by hijacking updatesor backdoornig downloadeds on the fly. Not only that but you'll also learn how to create trojans by backdooring normal files (such as an image or a pdf) and use social engineering to deliver this trojan to the target, to do this you'll learn how to spoof emails so they appear as if they're sent from the target's friend, boss or any email account they're likely to interact with. 3. Post Exploitation - In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, spy on the target and even use the target computer as a pivot to hack other computer systems. 4. Website / Web Application Hacking - In this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies ....etc) and how to discover and exploit the following dangerous vulnerabilities to hack into websites:
samhaxr / HackboxHackBox is a powerful and comprehensive tool that combines a variety of techniques for web application and network security assessments, including XSS testing, subdomain scanning, SSRF injection, and more. Its user-friendly interface and wide range of features make it a valuable asset for security professionals.
amrelsagaei / Bug Bounty Hunting Methodology 2025Bug Bounty Methodology 2025: Tools, techniques, and steps to guide you through reconnaissance, enumeration, and testing.
vgrec / EspressoExamplesA collection of examples demonstrating different techniques for automated testing with Espresso.
alexfertel / BulloakGenerate tests based on the Branching Tree Technique.
rr / RrRR is a test double framework that features a rich selection of double techniques and a terse syntax. ⛺
go-gremlins / GremlinsA mutation testing tool for Go.
cvs-health / Ios Swiftui Accessibility TechniquesDemonstrates iOS SwiftUI Accessibility programming techniques using live good and bad examples that can be tested with VoiceOver and other AT. Includes documentation for developers explaining how to code accessible patterns for iOS.
CheckPointSW / ShowstopperShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.
