back to home

Best Open Source pentesting Libraries

A curated list of the most popular GitHub repositories tagged with pentesting. Select any project to visualize its architecture and dive into the codebase using RepoMind's AI engine.

#1sherlock-project/sherlock

Hunt down social media accounts by username across social networks

73,015Python
Analyze Code

#2sqlmapproject/sqlmap

Automatic SQL injection and database takeover tool

36,652Python
Analyze Code

#3KeygraphHQ/shannon

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

24,161TypeScript
Analyze Code

#4qeeqbox/social-analyzer

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

21,156JavaScript
Analyze Code

#5bee-san/Ciphey

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

21,039Python
Analyze Code

#6bee-san/RustScan

🤖 The Modern Port Scanner 🤖

19,250Rust
Analyze Code

#7soxoj/maigret

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

19,023Python
Analyze Code

#8maurosoria/dirsearch

Web path scanner

14,010Python
Analyze Code

#9OJ/gobuster

Directory/File, DNS and VHost busting tool written in Go

13,434Go
Analyze Code

#10OWASP/mastg

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

12,727Python
Analyze Code

#11juice-shop/juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

12,528TypeScript
Analyze Code

#12blacklanternsecurity/bbot

The recursive internet scanner for hackers. 🧡

9,438Python
Analyze Code

#131N3/Sn1per

Attack Surface Management Platform

9,400Shell
Analyze Code

#14dstotijn/hetty

An HTTP toolkit for security research.

9,315Go
Analyze Code

#15byt3bl33d3r/CrackMapExec

A swiss army knife for pentesting networks

9,070Python
Analyze Code

#16n1nj4sec/pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

8,942Python
Analyze Code

#17OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

8,858
Analyze Code

#18infoslack/awesome-web-hacking

A list of web application security

6,782
Analyze Code

#19HunxByts/GhostTrack

Useful tool to track location or mobile number

6,764Python
Analyze Code