#Security-testing

Showing 60 of 80 repositories tagged #security-testing, ranked by stars

sqlmapproject
sqlmapproject
sqlmap

Automatic SQL injection and database takeover tool

Score
100
β˜… 37.8k β‘‚ 6.3k +43/day
Python
vxcontrol
vxcontrol
pentagi

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

Score
100
β˜… 18.5k β‘‚ 2.5k +414/day
Go
apache
apache
caldera

Automated Adversary Emulation Platform

Score
83
β˜… 7.1k β‘‚ 1.4k +12/day
Python
jassics
jassics
security-study-plan

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Score
100
β˜… 5.0k β‘‚ 628 +3/day
wallarm
wallarm
gotestwaf

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Score
85
β˜… 1.8k β‘‚ 257 β€”
Go
akto-api-security
akto-api-security
akto

Proactive, Open source API security β†’ API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

Score
98
β˜… 1.5k β‘‚ 285 β€”
Java
Viralmaniar
Viralmaniar
Passhunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Score
82
β˜… 1.3k β‘‚ 190 β€”
Python
secureCodeBox
secureCodeBox
secureCodeBox

secureCodeBox (SCB) - continuous secure delivery out of the box

Score
0
β˜… 983 β‘‚ 182 +2/day
Go
fportantier
fportantier
habu

Hacking Toolkit

Score
33
β˜… 981 β‘‚ 164 β€”
Python
guardrailsio
guardrailsio
awesome-python-security

Awesome Python Security resources πŸ•ΆπŸπŸ”

Score
0
β˜… 960 β‘‚ 118 β€”
CaringCaribou
CaringCaribou
caringcaribou

A friendly car security exploration tool for the CAN bus

Score
67
β˜… 926 β‘‚ 227 +1/day
Python
bl4de
bl4de
security-tools

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

Score
50
β˜… 922 β‘‚ 182 β€”
Python
B3nac
B3nac
InjuredAndroid

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Score
100
β˜… 755 β‘‚ 163 β€”
Kotlin
Anof-cyber
Anof-cyber
Application-Security

Resources for Application Security including Web, API, Android, iOS and Thick Client

Score
0
β˜… 686 β‘‚ 62 β€”
cyproxio
cyproxio
mcp-for-security

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.

Score
97
β˜… 619 β‘‚ 99 β€”
TypeScript
Marshall-Hallenbeck
Marshall-Hallenbeck
red_team_attack_lab

Red Team Attack Lab for TTP testing & research

Score
73
β˜… 594 β‘‚ 78 β€”
PowerShell
guardrailsio
guardrailsio
awesome-dotnet-security

Awesome .NET Security Resources

Score
93
β˜… 531 β‘‚ 58 β€”
rust-fuzz
rust-fuzz
honggfuzz-rs

Fuzz your Rust code with Google-developed Honggfuzz !

Score
100
β˜… 499 β‘‚ 47 β€”
Rust
enkomio
enkomio
Taipan

Web application vulnerability scanner

Score
68
β˜… 463 β‘‚ 91 β€”
PaytmLabs
PaytmLabs
nerve

NERVE Continuous Vulnerability Scanner

Score
72
β˜… 456 β‘‚ 115 β€”
Python
flipkart-incubator
flipkart-incubator
watchdog

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Score
67
β˜… 430 β‘‚ 102 β€”
Python
vectra-ai-research
vectra-ai-research
MAAD-AF

MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

Score
90
β˜… 428 β‘‚ 63 β€”
PowerShell
FrancescoStabile
FrancescoStabile
numasec

The AI Agent for Cyber Security.

Score
95
β˜… 419 β‘‚ 49 +4/day
TypeScript
e-m-b-a
e-m-b-a
embark

EMBArk - The firmware security scanning environment

Score
0
β˜… 389 β‘‚ 65 β€”
Python
akenofu
akenofu
OSCP-Cheat-Sheet

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Score
63
β˜… 365 β‘‚ 106 β€”
mercedes-benz
mercedes-benz
sechub

SecHub provides a central API to test software with different security tools.

Score
88
β˜… 353 β‘‚ 80 β€”
Java
redcanaryco
redcanaryco
chain-reactor

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Score
57
β˜… 343 β‘‚ 38 +2/day
C
h0tak88r
h0tak88r
Sec-88

Cyber Security Notes, Methodology, Resources and Tips

Score
92
β˜… 250 β‘‚ 67 +1/day
Rektoff
Rektoff
Security-Roadmap-for-Solana-applications

We are systematizing everything we know about Solana security into one structured resource: the Solana Security Strategy. It’s a field-tested knowledge base for teams building serious products β€” packed with practical guidance, reference links, and strategy templates.

Score
100
β˜… 237 β‘‚ 31 β€”
paulveillard
paulveillard
cybersecurity

Welcome Cybersecurity's World. An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources in Cybersecurity.

Score
55
β˜… 234 β‘‚ 54 β€”
Python
OWASP
OWASP
ASST

OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.

Score
52
β˜… 189 β‘‚ 40 β€”
JavaScript
suriyaa
suriyaa
keylogger

:closed_lock_with_key: Open Source Python Keylogger Collection

Score
87
β˜… 188 β‘‚ 41 β€”
Python
GTekSD
GTekSD
SUASS

one-stop resource for all things offensive security.

Score
80
β˜… 181 β‘‚ 15 β€”
JavaScript
SySS-Research
SySS-Research
WireBug

WireBug is a toolset for Voice-over-IP penetration testing

Score
48
β˜… 177 β‘‚ 33 β€”
Python
lucideus-repo
lucideus-repo
UnSAFE_Bank

Vulnerable Banking Suite

Score
77
β˜… 173 β‘‚ 108 +1/day
PHP
yuawn
yuawn
Fuzzing

Fuzzing tutorial with easy-to-learn labs πŸš€

Score
0
β˜… 163 β‘‚ 18 β€”
C++
OWASP
OWASP
owasp-istg

The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.

Score
83
β˜… 126 β‘‚ 24 β€”
Python
SNGWN
SNGWN
Mobile-PT

Mobile application security testing toolkit for Android, iOS & Flutter β€” ready-to-use FRIDA scripts (SSL pinning, root & anti-debug bypass, crypto monitoring), a full testing methodology, and hands-on guides.

Score
42
β˜… 122 β‘‚ 49 β€”
JavaScript
sterrasec
sterrasec
apkutil

a useful utility for android app security testing

Score
17
β˜… 100 β‘‚ 17 β€”
Python
BugBountyResources
BugBountyResources
Resources

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Score
30
β˜… 98 β‘‚ 19 β€”
AnonKryptiQuz
AnonKryptiQuz
NextSploit

NextSploit is a command-line tool designed to detect and exploit CVE-2025-29927, a security flaw in Next.js

Score
28
β˜… 91 β‘‚ 19 β€”
Python
NeoTheCapt
NeoTheCapt
RedteamAgent

An AI red-team agent for authorized labs and web app pentesting workflows. Turns Claude Code / OpenCode / Codex into a structured recon β†’ test β†’ exploit β†’ report workflow, with containerized tools and resumable state.

Score
78
β˜… 91 β‘‚ 19 +4/day
Python
gbiagomba
gbiagomba
Sherlock

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Score
70
β˜… 87 β‘‚ 12 β€”
Shell
Evil-Project-Team
Evil-Project-Team
Evil-BW16-WebUI

Evil-BW16-WebUI is a dual-band (2.4GHz/5GHz) WiFi deauthentication tool for BW16 and ESP32 boards, featuring real-time monitoring, a web-based interface, channel hopping, and advanced packet injectionβ€”intended solely for ethical security testing.

Score
53
β˜… 86 β‘‚ 11 β€”
C++
kpcyrd
kpcyrd
boxxy-rs

Linkable sandbox explorer

Score
0
β˜… 84 β‘‚ 9 β€”
Rust
filipkarc
filipkarc
sqli-postgres-rce-privesc-hacking-playground

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

Score
27
β˜… 82 β‘‚ 23 β€”
PHP
Teycir
Teycir
BurpAPISecuritySuite

Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.

Score
75
β˜… 73 β‘‚ 9 β€”
Python
olegnazarov
olegnazarov
rag-security-scanner

RAG/LLM Security Scanner identifies critical vulnerabilities in AI-powered applications, including chatbots, virtual assistants, and knowledge retrieval systems.

Score
38
β˜… 71 β‘‚ 10 β€”
Python
marcohextor
marcohextor
BOAST

BOAST is a server designed to receive and report Out-of-Band Application Security Testing (OAST) reactions.

Score
62
β˜… 65 β‘‚ 7 β€”
Go
shadsidd
shadsidd
Automated-XSS-Finder

Automated XSS Finder

Score
25
β˜… 64 β‘‚ 29 β€”
Python
okuken
okuken
integrated-security-testing-environment

Integrated Security Testing Environment for Web Applications as Burp Extension.

Score
15
β˜… 62 β‘‚ 5 β€”
Java
jay-johnson
jay-johnson
owasp-jenkins

Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? :whale: :shield: :lock:

Score
0
β˜… 56 β‘‚ 25 β€”
Shell
itboxltda
itboxltda
pentestlab

Script to manage and create local pentesting training virtual lab

Score
17
β˜… 52 β‘‚ 12 β€”
Shell
humanbound
humanbound
humanbound

Open-source AI agent red-team engine, SDK, and CLI. Run offline or against the Humanbound Platform.

Score
65
β˜… 51 β‘‚ 5 +6/day
Python
binarymist
binarymist
HolisticInfoSec-For-WebDevelopers-Fascicle0

:books: Overview :lock: Tooling :lock: Process :lock: Physical :lock: People :books:

Score
50
β˜… 50 β‘‚ 13 β€”
0xisk
0xisk
awesome-solidity-security

The purpose of this repo is to list all the related Research Papers focused on Smart-contracts security topics. As well as listing all the encountered smart-contracts defects with a summary description. πŸ›‘οΈ

Score
0
β˜… 45 β‘‚ 7 β€”
Solidity
AnonKryptiQuz
AnonKryptiQuz
BeeXSS

BeeXSS is a specialized automated tool designed to detect Blind XSS (Cross-Site Scripting) vulnerabilities in web applications.

Score
13
β˜… 38 β‘‚ 11 β€”
Python
SadeghHayeri
SadeghHayeri
LoL-Hacking

My Hacking Activities!

Score
12
β˜… 38 β‘‚ 7 β€”
Python
McKern3l
McKern3l
RAGdrag

RAG pipeline security testing toolkit - 27 techniques across 6 kill chain phases, mapped to MITRE ATLAS

Score
0
β˜… 37 β‘‚ 3 β€”
Python
go-appsec
go-appsec
toolbox

Collaborative application security testing between humans and agents via CLI and MCP

Score
58
β˜… 36 β‘‚ 5 β€”
Go
Related Topics
#security#security-tools#penetration-testing#pentesting#cybersecurity#hacking#security-automation#python#appsec#owasp#security-audit#security-vulnerability

Β© 2026 GitRepoTrend Β· GitHub repositories by topic Β· Updated weekly