• Home
  • Categories
  • Pricing
  • Submit
    Built with
    Ever Works
    Ever Works

    Connect with us

    Stay Updated

    Get the latest updates and exclusive content delivered to your inbox.

    Product

    • Categories
    • Pricing
    • Help

    Clients

    • Sign In
    • Register
    • Forgot password?

    Company

    • About Us
    • Admin
    • Sitemap

    Resources

    • Blog
    • Submit
    • API Documentation
    All product names, logos, and brands are the property of their respective owners. All company, product, and service names used in this repository, related repositories, and associated websites are for identification purposes only. The use of these names, logos, and brands does not imply endorsement, affiliation, or sponsorship. This directory may include content generated by artificial intelligence.
    Copyright © 2025 Ever. All rights reserved.·Terms of Service·Privacy Policy·Cookies
    Decorative pattern
    Decorative pattern
    1. Home
    2. Security
    3. Awesome Pentest

    Awesome Pentest

    A collection of awesome penetration testing and offensive cybersecurity resources including tools for web app testing, network reconnaissance, exploitation, forensics, and CTF challenges.

    Overview

    Awesome Pentest provides a comprehensive collection of penetration testing resources, tools, and offensive security materials for ethical hackers and security professionals.

    Network Tools

    Reconnaissance

    • Nmap - Network discovery and security auditing
    • Masscan - Fast TCP port scanner
    • Shodan - Search engine for Internet-connected devices
    • theHarvester - Email and subdomain gathering

    Vulnerability Scanning

    • Nessus - Vulnerability scanner
    • OpenVAS - Open source vulnerability scanner
    • Nikto - Web server scanner

    Web Application Testing

    Proxies & Testing Tools

    • Burp Suite - Web vulnerability scanner
    • OWASP ZAP - Web app security scanner
    • SQLMap - Automatic SQL injection tool
    • XSStrike - Advanced XSS detection suite

    Web Frameworks

    • W3af - Web application attack framework
    • Arachni - Web application security scanner

    Exploitation Frameworks

    • Metasploit - Penetration testing framework
    • Empire - PowerShell post-exploitation
    • Cobalt Strike - Threat emulation software
    • Social-Engineer Toolkit - Social engineering attacks

    Wireless Testing

    • Aircrack-ng - WiFi security auditing
    • Kismet - Wireless network detector
    • Reaver - WPS attack tool
    • Wifite - Automated wireless auditor

    Password Tools

    • John the Ripper - Password cracker
    • Hashcat - Advanced password recovery
    • Hydra - Network login cracker
    • CeWL - Custom wordlist generator

    Forensics

    • Autopsy - Digital forensics platform
    • Volatility - Memory forensics framework
    • Sleuth Kit - Collection of forensic tools
    • Wireshark - Network protocol analyzer

    CTF & Learning

    Platforms

    • HackTheBox - Penetration testing labs
    • TryHackMe - Learn cybersecurity
    • PicoCTF - Beginner CTF
    • OverTheWire - Wargames for learning

    Vulnerable Applications

    • DVWA - Damn Vulnerable Web Application
    • WebGoat - OWASP vulnerable application
    • bWAPP - Buggy web application
    • Metasploitable - Vulnerable Linux distribution

    Mobile Security

    • MobSF - Mobile Security Framework
    • Frida - Dynamic instrumentation toolkit
    • Drozer - Android security assessment
    • objection - Runtime mobile exploration

    Books & Resources

    • The Web Application Hacker's Handbook
    • Penetration Testing: A Hands-On Introduction
    • OWASP Testing Guide
    • PTES Technical Guidelines

    Features

    • Comprehensive tool collection
    • Network and application testing
    • Exploitation frameworks
    • Forensics capabilities
    • Learning resources
    • CTF platforms

    Use Cases

    • Penetration testing engagements
    • Security audits and assessments
    • Bug bounty hunting
    • Red team operations
    • Security training and education
    • CTF competitions

    Pricing

    Most tools are free and open source. Commercial tools:

    • Burp Suite Pro: $449/year
    • Nessus Professional: $4,000+/year
    • Cobalt Strike: $3,500/user/year
    Surveys

    Loading more......

    Information

    Websitegithub.com
    PublishedMar 15, 2026

    Categories

    1 Item
    Security

    Tags

    4 Items
    #pentesting#security#hacking#cybersecurity

    Similar Products

    6 result(s)

    Awesome Hacking

    A collection of various awesome lists for hackers, pentesters and security researchers aggregating multiple security-focused awesome lists in one place, covering everything from web security to reverse engineering.

    Awesome CTF Resources

    A list of Capture The Flag (CTF) frameworks, libraries, resources and software for started and experienced CTF players. Includes platforms, tools, writeups, and learning materials.

    Awesome-Hacker-Search-Engines

    An Awesome-style curated list of specialized search engines valuable for penetration testing, vulnerability assessment, red/blue team operations, and bug bounty work.

    Awesome Hacking Learning Path

    A comprehensive hacking learning path covering penetration testing, OSINT, Linux, networking, web application security, cryptography, exploitation, reverse engineering, forensics, CVEs, and CTF challenges, perfect for beginners and professionals mastering ethical hacking.

    Awesome Data Privacy

    A curated list of data privacy and security resources covering encryption, anonymization, and privacy-preserving technologies. Essential for building privacy-focused applications.

    Awesome Incident Response

    A curated list of tools for incident response, including specialized Linux distributions, forensic toolkits, and security monitoring solutions. Essential resources for security teams and SOCs.