SaaSHub helps you find the best software and product alternatives Learn more →
Top 20 Shell Penetration Testing Projects
-
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE) (by cytopia)
-
GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
-
awesome-bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
-
-
Reconky-Automated_Bash_Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
-
cd
CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
-
-
Penetration-Testing-Helper-Scripts
Some scripts to improve the Quality of Life for a penetration tester when working
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
For the OSCP exam I used some of the bash scripts from this repository. The one for reverse shells would automatically fetch the vpn IP address and add it to the reverse shell commands, which saved time during the exam
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Shell Penetration Testing related posts
-
Web App Pentesting Career
-
Git branching for small teams
-
checkbox for what to do when trying to hack a website?
-
What's your favorite cybersecurity documentation and why?
-
Bad Pods: Kubernetes Pod Privilege Escalation
-
[Security] Escaping a docker container through the web shell
-
#HuntKit: Docker: Ubuntu con un montón de herramientas PenTesting y wordlists
-
A note from our sponsor - SaaSHub
www.saashub.com | 1 Jun 2024
Index
What are some of the best open-source Penetration Testing projects in Shell? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | Sn1per | 7,621 |
| 2 | reconftw | 5,304 |
| 3 | lscript | 3,938 |
| 4 | AllHackingTools | 2,686 |
| 5 | EMBA | 2,455 |
| 6 | pwncat | 1,696 |
| 7 | GooFuzz | 1,245 |
| 8 | htshells | 991 |
| 9 | Garud | 753 |
| 10 | awesome-bbht | 545 |
| 11 | badPods | 552 |
| 12 | huntkit | 203 |
| 13 | Reconky-Automated_Bash_Script | 193 |
| 14 | stegextract | 107 |
| 15 | cd | 49 |
| 16 | webrecon | 49 |
| 17 | NWPentestUtils | 7 |
| 18 | aegis | 5 |
| 19 | Penetration-Testing-Helper-Scripts | 3 |
| 20 | project-macsec | 1 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com