A collection of various awesome lists for hackers, pentesters and security researchers
-
Updated
May 7, 2026
A collection of various awesome lists for hackers, pentesters and security researchers
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Shannon is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.
Open-source AI penetration testing tool to find and fix your app’s vulnerabilities.
This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org
817 structured cybersecurity skills for AI agents · Mapped to 6 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, NIST AI RMF & MITRE F3 (Fight Fraud) · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 29 security domains · Apache 2.0
Fully autonomous AI Agents system capable of performing complex penetration testing tasks
A collection of hacking / penetration testing resources to make you better!
A collection of hacking tools, resources and references to practice ethical hacking.
Web path scanner
Automated Penetration Testing Agentic Framework Powered by Large Language Models
🐶 A curated list of Web Security materials and resources.
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Automated penetration testing & attack surface management platform. Recon, scan, exploit, report — 600+ exploits, 90+ integrations, 10K+ detections.
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Tools and Techniques for Red Team / Penetration Testing
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Add a description, image, and links to the penetration-testing topic page so that developers can more easily learn about it.
To associate your repository with the penetration-testing topic, visit your repo's landing page and select "manage topics."