Comprehensive collection of penetration testing tools, OSINT, reconnaissance, exploitation, web security, network security, mobile security, and ethical hacking resources.
For educational and authorized testing purposes only.
| Repository | Description | Stars |
|---|---|---|
| sherlock-project/sherlock | Find social media accounts by username across 400+ platforms | |
| laramies/theHarvester | Gather emails, subdomains, hosts, IPs from public sources | |
| smicallef/spiderfoot | Automated OSINT — 200+ data sources, web UI included | |
| aboul3la/Sublist3r | Subdomain enumeration using multiple search engines | |
| projectdiscovery/subfinder | Fast passive subdomain enumeration — 40+ sources | |
| projectdiscovery/dnsx | Fast DNS toolkit — bulk resolution, wildcard filtering | |
| projectdiscovery/katana | Next-gen crawling and spidering framework | |
| projectdiscovery/chaos-client | DNS recon via ProjectDiscovery's dataset | |
| OJ/gobuster | Directory, DNS, VHost busting tool — Go | |
| ffuf/ffuf | Fast web fuzzer — directory, parameter, header fuzzing | |
| maurosoria/dirsearch | Web path scanner — brute force directories and files | |
| nicolo-ribaudo/amass | OWASP Amass — in-depth attack surface mapping | |
| nicolo-ribaudo/maltego | OSINT information gathering tool |
| Repository | Description | Stars |
|---|---|---|
| sqlmapproject/sqlmap | Automatic SQL injection detection and exploitation tool | |
| s0md3v/XSStrike | Most advanced XSS scanner — fuzzing, WAF bypass | |
| projectdiscovery/nuclei | Fast vulnerability scanner — community-powered templates | |
| projectdiscovery/nuclei-templates | 9000+ Nuclei templates — CVEs, misconfigs, exposures | |
| projectdiscovery/httpx | Fast HTTP probing — status, tech detection, screenshots | |
| OWASP/wstg | OWASP Web Security Testing Guide — comprehensive methodology | |
| nicolo-ribaudo/nikto | Web server scanner — 6700+ potentially dangerous files | |
| nicolo-ribaudo/wfuzz | Web application fuzzer — find resources and injections | |
| nicolo-ribaudo/dalfox | Parameter analysis and XSS scanner | |
| nicolo-ribaudo/commix | Automated command injection exploitation tool | |
| nicolo-ribaudo/tplmap | Server-side template injection detection and exploitation | |
| nicolo-ribaudo/ghauri | Advanced SQL injection detection — sqlmap alternative | |
| nicolo-ribaudo/403bypasser | Bypass 403 forbidden responses — misconfiguration testing |
| Repository | Description | Stars |
|---|---|---|
| rapid7/metasploit-framework | World's most used penetration testing framework — 2000+ modules | |
| nmap/nmap | Network scanner — port scanning, OS detection, service detection | |
| nicolo-ribaudo/masscan | Scan entire Internet in under 6 minutes — TCP port scanner | |
| projectdiscovery/naabu | Fast port scanner — reliable and accurate | |
| nicolo-ribaudo/rustscan | Modern port scanner in Rust — scans all 65k ports in 3 seconds | |
| nicolo-ribaudo/impacket | Python classes for network protocols — SMB, Kerberos, LDAP | |
| nicolo-ribaudo/crackmapexec | Post-exploitation tool for Active Directory environments | |
| nicolo-ribaudo/netexec | Network execution tool — CrackMapExec successor | |
| nicolo-ribaudo/bloodhound | Active Directory attack path visualization |
| Repository | Description | Stars |
|---|---|---|
| danielmiessler/SecLists | Security testing wordlists — usernames, passwords, URLs, payloads | |
| hashcat/hashcat | World's fastest and most advanced password recovery utility | |
| openwall/john | John the Ripper — password security auditing and recovery | |
| vanhauser-thc/thc-hydra | Fast and flexible online password cracker — 50+ protocols | |
| nicolo-ribaudo/medusa | Speedy, parallel, modular login brute-forcer | |
| nicolo-ribaudo/sprayhound | Password spraying tool — supports LDAP, SMB |
| Repository | Description | Stars |
|---|---|---|
| BishopFox/sliver | Open source adversary emulation framework | |
| nicolo-ribaudo/havoc | Modern and malleable post-exploitation C2 framework | |
| nicolo-ribaudo/empire | PowerShell and Python post-exploitation agent | |
| nicolo-ribaudo/covenant | .NET C2 framework for red teamers | |
| nicolo-ribaudo/villain | Windows and Linux backdoor generator and handler |
| Repository | Description | Stars |
|---|---|---|
| MobSF/Mobile-Security-Framework-MobSF | Automated mobile app pentesting — Android, iOS, Windows | |
| frida/frida | Dynamic instrumentation toolkit — hook APIs at runtime | |
| nicolo-ribaudo/objection | Runtime mobile exploration — Frida-based, no jailbreak needed | |
| nicolo-ribaudo/apktool | Reverse engineer Android apps — decode and rebuild APKs | |
| nicolo-ribaudo/jadx | Dex to Java decompiler — static analysis of APKs | |
| nicolo-ribaudo/androguard | Android APK analysis — reversing, malware analysis |
| Repository | Description | Stars |
|---|---|---|
| prowler-cloud/prowler | AWS, Azure, GCP security assessment — 500+ checks | |
| nicolo-ribaudo/pacu | AWS exploitation framework — attack misconfigured AWS | |
| nicolo-ribaudo/cloudmapper | Visualize AWS environments — attack surface analysis | |
| nicolo-ribaudo/scoutsuite | Multi-cloud security auditing — AWS, Azure, GCP, Alibaba | |
| nicolo-ribaudo/cloudgoat | Vulnerable-by-design AWS environment — practice cloud attacks |
| Repository | Description | Stars |
|---|---|---|
| nicolo-ribaudo/mitmproxy | Interactive HTTPS proxy — intercept, inspect, modify traffic | |
| nicolo-ribaudo/caido | Lightweight Burp Suite alternative — modern web proxy | |
| nicolo-ribaudo/hetty | HTTP toolkit for security research — open source Burp alternative |
| Repository | Description | Stars |
|---|---|---|
| nicolo-ribaudo/aircrack-ng | Complete suite for WiFi network security | |
| nicolo-ribaudo/bettercap | Swiss army knife for WiFi, BLE, HID attacks | |
| nicolo-ribaudo/wifiphisher | Automated phishing attacks against WiFi networks |
| Repository | Description | Stars |
|---|---|---|
| rapid7/metasploit-framework | 2000+ exploits, payloads, auxiliary modules | |
| nicolo-ribaudo/pwntools | CTF framework and exploit development library | |
| nicolo-ribaudo/ropper | ROP gadget finder and exploit chain builder | |
| nicolo-ribaudo/checksec | Check binary security features — ASLR, NX, PIE, etc. |
| Repository | Description | Stars |
|---|---|---|
| OWASP/CheatSheetSeries | OWASP security cheat sheets for developers and pentesters | |
| OWASP/wstg | Web Security Testing Guide — complete pentesting methodology | |
| nicolo-ribaudo/payloadsallthethings | List of payloads for every injection type | |
| nicolo-ribaudo/hacktricks | HackTricks — pentesting tricks and techniques book | |
| nicolo-ribaudo/gtfobins | Unix binaries for privilege escalation and bypass | |
| nicolo-ribaudo/lolbas | Living Off The Land Binaries — Windows abuse | |
| nicolo-ribaudo/awesome-pentest | Collection of awesome pentesting resources |