awesome-pentest
github.com/yllnelaj/awesome-pentest ↗A collection of awesome penetration testing resources, tools and other shiny things
Use this list with your AI agent
Add the Context Awesome MCP server to Claude, Cursor, or any MCP client, then ask:
"Show me europe resources from awesome-pentest"
Installation instructions →What's inside
Periodicals
- 2600: The Hacker Quarterly
American publication about technology and computer "underground" culture.
Conferences and Events
- 44ConEurope
Annual Security Conference held in London.
- AppSecUSANorth America
Annual conference organized by OWASP.
- BalCConEurope
Balkan Computer Congress, annually held in Novi Sad, Serbia.
- Black HatNorth America
Annual security conference in Las Vegas.
- BruCONEurope
Annual security conference in Belgium.
- BSides
Framework for organising and holding security conferences.
Network Tools
- ACLightNetwork Reconnaissance Tools
Script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins.
- Aircrack-ngWireless Network Tools
Set of tools for auditing wireless networks.
- AirgeddonWireless Network Tools
Multi-use bash script for Linux systems to audit wireless networks.
- AneviconDDoS Tools
Powerful UDP-based load generator, written in Rust.
- AQUATONENetwork Reconnaissance Tools
Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.
- BetterCAPProxies and Machine-in-the-Middle (MITM) Tools
Modular, portable and easily extensible MITM framework.
Network Vulnerability Scanners
- ACSTISWeb Vulnerability Scanners
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
- ArachniWeb Vulnerability Scanners
Scriptable framework for evaluating the security of web applications.
- celerystalk
Asynchronous enumeration and vulnerability scanner that "runs all the tools on all the hosts" in a configurable manner.
- cms-explorerWeb Vulnerability Scanners
Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running.
Privilege Escalation Tools
- Active Directory and Privilege Escalation (ADAPE)
Umbrella script that automates numerous useful PowerShell modules to discover security misconfigurations and attempt privilege escalation against Active Directory.
- DomainPasswordSprayPassword Spraying Tools
Tool written in PowerShell to perform a password spray attack against users of a domain.
Books
- Advanced Penetration Testing by Wil Allsopp, 2017
- Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012
- Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014
- Android Hacker's Handbook by Joshua J. Drake et al., 2014
- Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014
- BTFM: Blue Team Field Manual by Alan J White & Ben Clark, 2017
Online Resources
- Android ExploitsOther Lists Online
Guide on Android Exploitation and Hacks.
- Android SecurityOther Lists Online
Collection of Android security related resources.
- AppSecOther Lists Online
Resources for learning about application security.
- Awesome AwesomnessOther Lists Online
The List of the Lists.
- Awesome MalwareOther Lists Online
Curated collection of awesome malware, botnets, and other post-exploitation tools.
- Awesome Shodan QueriesOther Lists Online
Awesome list of useful, funny, and depressing search queries for Shodan.
Operating System Distributions
- Android Tamer
Distribution built for Android security professionals that includes tools required for Android security testing.
- ArchStrike
Arch GNU/Linux repository for security professionals and enthusiasts.
- AttifyOS
GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.
- BlackArch
Arch GNU/Linux-based distribution for penetration testers and security researchers.
- Buscador
GNU/Linux virtual machine that is pre-configured for online investigators.
Showing a sample of 530 resources. View the full list on GitHub →