Pentesting tools download links

By | February 8, 2021

Here is the list of Web pentesting tools that help you a lot in your Web pentesting career. Following are the links of pen-testing tools to GitHub

All these mentioned tools links are available on Github.

JOOMLA SCAN:

Following is the link to Joomla Scan pretesting tool which is available on GitHub.

–= https://github.com/drego85/JoomlaScan

[TOOLS] WEBPENTEST LIST v5

🎯 SN1PER – AUTOMATED PENTEST RECON SCANNER 🎯

–= https://github.com/1N3/Sn1per

πŸ“ƒ SUBLIST3R – DNS SCAN πŸ“ƒ

–= https://github.com/aboul3la/Sublist3r

🏁 PENTEST TOOL – CTF-TOOLS 🏁

–= https://github.com/MrMugiwara/CTF-Tools

πŸ‘‘ A PRIVACY-RESPECTING, HACKABLE METASEARCH ENGINE πŸ‘‘

–= https://github.com/asciimoo/searx

πŸ”Ž CMSMAP SCANNER CMS AUTMOMATIC πŸ”Ž

–= https://github.com/Dionach/CMSmap

πŸ•΅οΈ D-TECT – PENTESTING THE MODERN WEB πŸ•΅οΈ

–= https://github.com/shawarkhanethicalhacker/D-TECT-1

πŸ”Œ JSQL INJECTION V0.77 – JAVA APPLICATION FOR AUTOMATIC SQL DATABASE INJECTION πŸ”Œ

–= https://github.com/ron190/jsql-injection

βš”οΈ WAFNINJA – PENETRATION TESTERS FAVORITE FOR WAF BYPASSING βš”οΈ

–= https://github.com/khalilbijjou/WAFNinja

🍁 WHITEWIDOW 1.5.0 – SQL VULNERABILITY SCANNER 🍁

–= https://github.com/Ekultek/whitewidow

πŸ’₯ GOOGLE EXPLORER – GOOGLE MASS EXPLORER πŸ’₯

–= https://github.com/anarcoder/google_explorer

🎁 WORDPRESS MASS EXPLOITER 🎁

–= https://github.com/anarcoder/WordPressMassExploiter

βœ–οΈ JOOMLA MASS EXPLOITER βœ–οΈ

–= https://github.com/anarcoder/JoomlaMassExploiter

♨️ BBQSQL – A BLIND SQL INJECTION EXPLOITATION TOOL ♨️

–= https://github.com/Neohapsis/bbqsql

βš–οΈ VBSCAN 0.1.7.1 – BLACK BOX VBULLETIN VULNERABILITY SCANNER βš–οΈ

–= https://github.com/rezasp/vbscan/

🐲 DRACNMAP – PENTEST EXPLOIT NETWORK AND GATHERING INFORMATION WITH NMAP 🐲

–= https://github.com/screetsec/Dracnmap

🎣 QRLJACKER – QRLJACKING EXPLOITATION FRAMEWORK 🎣

–= https://github.com/OWASP/QRLJacking/tree/master/QrlJacking-Framework

πŸ§… ONIOFF – ONION URL INSPECTOR πŸ§…

–= https://github.com/k4m4/onioff

⬛️ BLACKBOX – A PENETRATION TESTING FRAMEWORK ⬛️

–= https://github.com/sepehrdaddev/blackbox

πŸ“ƒ BRUTEFORCE LISTS πŸ“ƒ

–= https://github.com/random-robbie/bruteforce-lists

🍹 DRUPAL ENUMERATION & EXPLOITATION TOOL 🍹

–= https://github.com/random-robbie/drupwn

🌴 DIRSEARCH WEB PATH SCANNER 🌴

–= https://github.com/maurosoria/dirsearch

🀜 PHP UNIT BRUTE 🀜

–= https://github.com/random-robbie/phpunit-brute

βœ”οΈ MINI PHP SHELLS βœ”οΈ

–= https://github.com/random-robbie/mini-php-shells

βš™οΈ AUTO RECON INFORMATION GATHERING TOOL βš™οΈ

–= https://github.com/random-robbie/AutoRecon

πŸ“§ WORDPRESS SMTP PLUGIN EXPLOIT πŸ“§

–= https://github.com/KTN1990/WordPress-Easy-WP-SMTP-plugin-0day

πŸ•Έ PHOTON WEB CRAWLER (OSINT) πŸ•Έ

–= https://github.com/s0md3v/Photon

▢️ ACID REVERSE IP LOOKUP ◀️

–= https://github.com/KTN1990/ACIDREVERSER

πŸ“¨ EMAIL LIST GRABBER V2 πŸ“¨

–= https://github.com/KTN1990/Email-Grabber

πŸƒJOOMLA COM_XCLONER UPLOAD SHELL πŸƒ

–= https://github.com/KTN1990/joomla-com_xcloner-upload_shell

☁️ CLOUD MANAGE SYSTEM(CMS) DETECTOR (PERL)☁️

–= https://github.com/KTN1990/CMS-FAST-CHECKR

πŸ“¬ POSTGRESQL DEFAULT PASSWORD AUTO EXPLOITER πŸ“¬

–= https://github.com/KTN1990/PostgreSQL–Attack-on-default-password-AUTOEXPLOITING-

🎟 BREACHER – MULTITHREAD ADMIN PANEL FINDER 🎟

–= https://github.com/s0md3v/Breacher

🧲 SHIVA – WORDPRESS DOS EXPLOIT TOOL 🧲

–= https://github.com/s0md3v/Shiva

β›“ PROXIFY MODULE FOR DUMP PROXIES β›“

–= https://github.com/s0md3v/proxify

🐭 XSS FINDER (REFLECTED XSS) 🐭

–= https://github.com/random-robbie/xssfinder

πŸ‘ΊMASSIVE | MIXED EXPLOIT TOOLS πŸ‘Ί

–= https://github.com/XiphosResearch/exploits

πŸ‘½ WORDPRESS USER ENUMERATION TOOL πŸ‘½

–= https://github.com/XiphosResearch/wp-user-enum-scripts

πŸ₯– WORDPRESS EXPLOITATION FRAMEWORK πŸ₯–

–= https://github.com/rastating/wordpress-exploit-framework

πŸ›‘ DEFACE WORDPRESS PAGE πŸ›‘

–= https://github.com/Bayz21/WP-3u3

βœ… WORDPRESS PLUGIN “WP CHECKOUT” MASS EXPLOIT βœ…

–= https://github.com/2inf3rnal/wp-checkout-exploit

πŸ’‰ WP CONTENT INJECTION MASS EXPLOIT TOOL πŸ’‰

–= https://github.com/dr-iman/wp-content-injection-mass-exploit

🐠 M3M0 PENETRATION TESTING TOOL (WORDPRESS, JOOMLA, DRUPAL) 🐠

–= https://github.com/mrwn007/M3M0.git

πŸ” DRUPAL HUNTER EXPLOITATION TOOL πŸ”

–= https://github.com/dr-iman/Drupal-Hunter

⏰ CMS DETECTOR v2 (WP, DUPAL, JOOMLA) ⏰

–= https://github.com/dr-iman/cms-detector

πŸ§™ WORDPRESS DETECTOR (VULN DORKER) πŸ§™

–= https://github.com/dr-iman/Wordpress-detector

πŸ“‘ PACKET STORM EXPLOIT LIST πŸ“‘

–= https://github.com/BuddhaLabs/PacketStorm-Exploits

⚜️ PHP SHELLS [LIST] ⚜️

–= https://github.com/backdoorhub/shell-backdoor-list/tree/master/shell/php

πŸ“ PHP FILE MANAGER πŸ“

–= https://github.com/alexantr/filemanager

πŸ›’ OPENCART BRUTEFORCE AND IMAGE UPLOAD πŸ›’

–= https://github.com/indoxploit-coders/opencart-bruteforce

πŸ•Έ WEBSHELLS v2 πŸ•Έ

–= https://github.com/phpshellxyz/webshell

πŸŽ– MIXED TOOLS (Cpanel Brute, ShellFinder, Symlink Shell, DDoSer) πŸŽ–

–= https://github.com/incredibleindishell/PHP-web-shells

βš”οΈ WHMCS KILLER V4 SHELL(Server Root, Domain Resellers, Client Root, CC, Pass, Accs) βš”οΈ

–= https://github.com/iamhex/WHMCS-Killer-v4

πŸ₯ͺ Amazon AWS S3 Bucket Enumeration πŸ₯ͺ

–= https://github.com/0xSearches/sandcastle/

πŸ“§ Amazon SMTP Credential Checker πŸ“§

–= https://github.com/noolep/AWCREC

πŸ”‘ Twilio Mass Checker πŸ”‘

–= https://github.com/noolep/Twilio_Check

🧧 Laravel .env Database Exploit 🧧

–= https://github.com/security007/laravelExploit

πŸ”« 007 Scanner(Grabber, Admin finder and more) πŸ”«

–= https://github.com/security007/007scanner

πŸ’₯ Laravel Config Exploit πŸ’₯

–= https://github.com/anhaxteam/laravel-config-exploit

βœ–οΈ Laravel PHP Unit RCE and Env Exploiter βœ–οΈ

–= https://github.com/vsec7/Laravel-PhpUnit-Rce-And-Get-Env-Exploiter

0️⃣ Zerobyte’s Laravel Exploiter 0️⃣

–= https://github.com/zerobyte-id-bak/LaravelENV

πŸ•Ά DarkSplitz Exploit Framework πŸ•Ά

–= https://github.com/koboi137/darksplitz

πŸ‘ NetAss2 – Network Assessment Assistance Framework πŸ‘

–= https://github.com/zerobyte-id-bak/NetAss2

πŸ“ž Bashter – Web Scanner & Analyzer πŸ“ž

–= https://github.com/zerobyte-id-bak/Bashter

πŸ₯‘ Domain Take Over Finder πŸ₯‘

–= https://github.com/zerobyte-id-bak/FinderDomainTakeOver

😎 Sudomy – Subdomain Enumeration & Analysis 😎

–= https://github.com/Screetsec/Sudomy

πŸ†™ WordPress Auto Upload Shell in Plugin πŸ†™

–= https://github.com/AnonRoz-Team/wp_auto_upshell

πŸ—ΌDomain to IP [FAST] πŸ—Ό

–= https://github.com/rebl0x3r/domain2ip

🧲 attacker – Website Vulnerability Scanner & Auto Exploiter 🧲

–= https://github.com/moham3driahi/xattacker

πŸ’‰ SQLI, LFI, XSS and RCE Darker & Auto Exploiter πŸ’‰

–= https://github.com/xpr1m3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-python-

🦌 Drupal Hunter 🦌

–= https://github.com/dr-iman/drupal-hunter

πŸ’₯ WordPress Exploits (Stored XSS, XML-RPC DDoS, Add Admin, RSS, log in) πŸ’₯

–= https://github.com/shadowz3n/wpexploit

◀️ Revslider Auto Exploiter ◀️

–= https://github.com/kyo1337/revsliderautoexploiter

πŸ•Έ WebDav Mass Exploiter πŸ•Έ

–= https://github.com/kyo1337/Webdav-Mass-Exploiter

πŸ§– IP Mass Grabber [.exe] πŸ§–

–= https://github.com/kyo1337/Mass-IP-Grabbing

🐚 Shell Finder [ Dictionary Attack + Wordlist ]🐚

–= https://github.com/kyo1337/Shell-Finder

πŸ” CMS Detector + Vulnerability Finder (Exploit DB) πŸ”

–= https://github.com/ptonewreckin/cmsdetector

🦾 Advanced CMS Detector (Slow but Exact) 🦾

–= https://github.com/redhathackers/cms-detector

πŸ–₯ RDP Cracker [ BASH + Wordlists ] πŸ–₯

–= https://github.com/exploit-inters/crackrdp

βœ”οΈ TIDoS – The Offensive Manual Web Application Penetration Testing Framework βœ”οΈ

–= https://github.com/exploit-inters/TIDoS-Framework

⚑️ CMS Detector v3 – Fast & Multi Threads⚑️

–= https://raw.githubusercontent.com/NinjaCR3/CMS-Detector/master/xcms.py

Leave a Reply

Your email address will not be published. Required fields are marked *