penetration-testing

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check:https://hackertraining.org

training ai exploit hackers hacking artificial-intelligence cybersecurity penetration-testing exploits vulnerability awesome-list hacker vulnerability-management vulnerability-identification vulnerability-assessment ethical-hacking awesome-lists exploit-development ai-security hacking-series

UpdatedFeb 6, 2026
Jupyter Notebook

KeygraphHQ /shannon

Star24k

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

security-audit penetration-testing pentesting security-automation security-tools

UpdatedFeb 20, 2026
TypeScript

usestrix /strix

Star20.2k

Open-source AI hackers to find and fix your app’s vulnerabilities.

artificial-intelligence cybersecurity penetration-testing agents llm generative-ai

UpdatedFeb 20, 2026
Python

vitalysim /Awesome-Hacking-Resources

Star16.8k

A collection of hacking / penetration testing resources to make you better!

exploit reverse-engineering malware mitm hacking owasp penetration-testing ctf privilege-escalation buffer-overflow windows-privilege-escalation privilege-escalation-linux

UpdatedMar 12, 2024

sundowndev /hacker-roadmap

Sponsor

Star15.1k

A collection of hacking tools, resources and references to practice ethical hacking.

security roadmap hacking penetration-testing pentesting post-exploitation pentest exploitation hacking-tool frameworks information-gathering web-hacking hacktools

UpdatedOct 16, 2023

maurosoria /dirsearch

Sponsor

Star14k

Web path scanner

python security scanner hacking wordlist enumeration penetration-testing bug-bounty fuzzing infosec pentesting bugbounty fuzzer brute appsec hacking-tool dirsearch pentest-tool redteam red-teaming

UpdatedFeb 20, 2026
Python

qazbnm456 /awesome-web-security

Sponsor

Star13.1k

🐶 A curated list of Web Security materials and resources.

security list awesome web penetration-testing awesome-list websecurity

UpdatedMay 2, 2025

Datalux /Osintgram

Star12.3k

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

python instagram osint analysis tool hacking python3 penetration-testing instagram-api nickname information-gathering instagram-account osint-python

UpdatedAug 25, 2025
Python

GreyDGL /PentestGPT

Star11.7k

Automated Penetration Testing Agentic Framework Powered by Large Language Models

python penetration-testing large-language-models llm

UpdatedFeb 18, 2026
Python

vanhauser-thc /thc-hydra

Star11.7k

hydra

bruteforce hydra penetration-testing brute-force-attacks brute-force pentesting pentest password-cracker network-security bruteforce-attacks password-cracking pentest-tool bruteforcing brute-force-passwords thc bruteforcer

UpdatedFeb 7, 2026
C

samratashok /nishang

Star9.8k

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

security powershell hacking activedirectory penetration-testing infosec red-team nishang redteam

UpdatedApr 25, 2024
PowerShell

1N3 /Sn1per

Star9.4k

Attack Surface Management Platform

security hacking cybersecurity penetration-testing pentesting pentest-scripts security-tools pentest-tool osint-framework attack-surface hacking-tools pentest-tools pentesting-tools sn1per sn1per-professional osint-tool bugbounty-platform attacksurface attack-surface-management

UpdatedFeb 15, 2026
Shell

OWASP /wstg

Sponsor

Star8.9k

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

security guide best-practices hacking owasp penetration-testing application-security pentesting bugbounty appsec hacktoberfest

UpdatedFeb 19, 2026

We5ter /Scanners-Box

Star8.8k

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

security-audit static-analysis smart-contracts penetration-testing malware-analysis binary-analysis information-security exploitation-framework vulnerability-scanners wifi-security hacker-tools security-automation devsecops apk-analysis wifi-hacking pentesting-tools redteam-tools code-analyzer privacy-compliance

UpdatedOct 9, 2025

A-poc /RedTeam-Tools

Star8.5k

Tools and Techniques for Red Team / Penetration Testing

windows linux tools hacking resources cheatsheet cybersecurity enumeration penetration-testing pentest payload red-team security-tools redteam mitre-attack pentest-tools red-team-tools

UpdatedMar 18, 2025

yogeshojha /rengine

Sponsor

Star8.5k

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

osint scanner hacking penetration-testing bug-bounty infosec pentesting recon bugbounty scanning information-gathering rengine security-tools reconnaissance scanner-web recon-engine