Testing-tools Libraries

Also we are supporting and looking for contribution for project: Feel free to fork and add new content! Your contributions are always welcome!

Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links. Output will be written as: test1.pdf,…

toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for…

The tool has been tested using Python 3.8.10 on Kali Linux 2022.2/3, Ubuntu 20.04.5 LTS, Windows 10/11. Windows Installation Linux Installation Windows Linux This project is supported by:

For educational, authorized and/or research purposes only. WARNING: The Autologon, oAuth2, and RST user enumeration modules work by submitting a single authentication attempt per user. If the modules…

Well, Spoofy is different and here is why: After the initial testing using Microsoft 365, some combinations were retested using Protonmail and Gmail due to the differences in their handling of banner…

Get the % difference in images using PIL's histogram + generate a diff image. Images should have the same color channels (for example, RGB vs RGBA). If the image dimensions differ, the 2nd image will…

Also, it gives you a baseline structure for your further injections of new security attacks or new IoT protocols. One of the most important features of PENIOT is being extensible. By default, it has …

IoT deployments just keep growing and one part of that significant grow is composed of millions of LPWAN (low-power wide-area network) sensors deployed at hundreds of cities (Smart Cities) around th…

• This tool is for educational purposes only. • We are not responsible for any illegal usage of this tool. LFITester is a Python3 tool which tests if a server is vulnerable to Local File Inclusion (L…

Reverse shells can be established through HTTP or HTTPS. The certificates used for HTTPS can be auto-generated by Phantom or supplied by the user. Phantom includes a helper shell script that enables …

一款集成了多种老牌工具字典的轻量级目录扫描器，包括御剑后台扫描字典，test404网站备份，web破壳扫描器，御剑1.5扫描字典，御剑专业版字典，wwwscan字典，dirscan字典，dirsafe字典，swebscan等字典已合并去重 支持多线程扫描，可指定线程数。 随机user-agent头。 -x指定X-forward-for头，默认随机。 -f支持导入字典检测。 -o导出html报告 …

The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection vector, and a dual stage HTA infection vector. The variables take into account C2 add…

The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection vector, and a dual stage HTA infection vector. The variables take into account C2 add…

The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection vector, and a dual stage HTA infection vector. The variables take into account C2 add…

INTRO: Miner in the Middle is a script that allows you to inject javascript miners into targets on your local network. It does this using python, scapy and netfilterqueue. When you run the applicatio…

While Blackhole is an MTA, none of the actions performed via SMTP or SMTPS are actually processed, and no email is delivered. You can tell Blackhole how to handle mail that it receives. It can accept…

If you think a project should be included here I really want to know, but keep in mind that this isn't supposed to be a dictionary. I want to keep the best, covering as many bases as possible while m…