pentest

An inventory of tools and resources about CyberSecurity https://inventory.raw.pm/

Repositório sobre estudos, pesquisas e desenvolvimento para PenTest.

Un script avancé d’audit de sécurité et de pentesting alliant furtivité, détection adaptative, intelligence de vulnérabilités et analyses OS pour une évaluation réseau exhaustive. Conçu pour les professionnels, il allie automatisation et précision pour répondre aux environnements les plus complexes.

Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!

ITDIS (Is This Domain In Scope) https://noraj.gitlab.io/itdis

Ce projet documente les étapes d'installation et de configuration d'Exegol et de Portainer avec Docker sur un environnement Arch Linux, spécialement adapté pour Hyprland. Il fournit un script automatisé et des instructions détaillées pour simplifier l'installation sur cette distribution, avec des captures d'écran à chaque étape clé.

CryptoLyzer is a fast, flexible, and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with Python API and CLI.

PyPortBot - is a simple port scanner based on nmap that anylyzes open ports with Ollama

Cryptographic protocol and security-related protocol piece parser.

This repository is just a mirror.

Documentation and cheatsheets about CTF and pentest.

List of template vulnerability reports for web pentesting.

Pentesting workshops - https://sansnom.org/ateliers-pentest/

MagicArch is a comprehensive post-installation script built with Ansible, designed to transform a basic Arch Linux installation into a fully equipped Pentesting Distro customized for pentesting and performance. With a focus on security assessments, customization, and performance optimization, MagicArch simplifies the setup process and ensures a tailored environment for pentesting tasks.

Donut is a Python 3 app for SECURITY TESTING PURPOSES ONLY!

Donut is an HTTP DoS Test Tool

Attack Vector exploited: HTTP Keep Alive + NoCache

XSS is a simple shell tool developed to test Cross-Site Scripting (XSS) vulnerabilities on websites.

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial (OT) environments.