For framework de pruebas de penetración para auditorías de seguridad, the strongest matches are shadow1ng/fscan (Fscan is an automated penetration testing framework with a), infinition/bjorn (Bjorn is a full-featured, open-source penetration testing framework that) and pennyw0rth/netexec (NetExec is a modular penetration testing framework focused on). rapid7/metasploit-framework and manisso/fsociety round out the shortlist. Each is ranked by relevance to your query, popularity and recent activity.
Curamos repositorios de código abierto en GitHub que coinciden con “hacking”. Los resultados están clasificados por relevancia según tu búsqueda; usa los filtros de abajo para acotar o refina con IA.
Fscan is an automated penetration testing tool designed for internal network reconnaissance and vulnerability assessment. It functions as a comprehensive security framework that maps network infrastructure, identifies active hosts and services, and detects security weaknesses across internal environments. The tool distinguishes itself through a modular plugin architecture that allows for extensible security checks and a stateful asset tracking system that maintains an in-memory registry of discovered infrastructure. It incorporates a dedicated credential brute-force engine for testing passwor
Fscan is an automated penetration testing framework with a modular plugin architecture, network scanning, vulnerability detection, credential brute-forcing, and post‑exploitation capabilities — it directly serves internal network security assessments as requested.
Bjorn is a penetration testing framework that automates network scanning, credential brute-forcing, vulnerability assessment, and data exfiltration, all coordinated through an event-driven task pipeline and controlled via a web-based dashboard. Its modular plugin architecture allows independent security modules to be loaded and chained together, with an asynchronous network scanner discovering live hosts and open ports without blocking the main execution flow. The framework distinguishes itself by integrating a credential brute-force engine that systematically attempts login combinations agai
Bjorn is a full-featured, open-source penetration testing framework that automates network scanning, credential brute-forcing, vulnerability assessment, and data exfiltration through an event-driven, modular plugin architecture with a web-based dashboard — directly matching the intent for a comprehensive ethical hacking toolkit.
NetExec is a framework for concurrent credential spraying and remote command execution across network protocols. It provides input sanitization and command parsing to reduce injection risks, a plugin-based protocol abstraction that dispatches credentials and commands uniformly regardless of transport, and session and token lifecycle management for long-running multi-command operations. Results from concurrent executions are collected and normalized through a result aggregation pipeline. The framework includes a concurrent job scheduler that manages worker threads for parallel execution across
NetExec is a modular penetration testing framework focused on credential spraying, remote command execution, and lateral movement across multiple protocols, making it a solid fit for this security assessment toolkit search, though it prioritizes post-exploitation over broader network scanning and exploit modules.
The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to
Metasploit is the industry-standard open-source penetration testing framework, directly matching your search for ethical hacking tools with its exploit modules, network scanning, vulnerability detection, multi-protocol support, post‑exploitation capabilities, and modular architecture.
fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits. It functions as a wrapper that integrates external security binaries into a unified, menu-driven interface, providing a centralized system for command-line parameter mapping and execution. The project distinguishes itself by organizing specialized utilities into domain-specific collections for structured navigation. It automates the transition between different phases of an audit by chaining reconnaissance and exploitation tools through sequential workflow automation. The fram
fsociety is a Python-based penetration testing framework that wraps multiple external security tools into a unified menu-driven interface, covering reconnaissance, exploitation, post-exploitation, and vulnerability detection with modular organization — directly matching this search for an open-source ethical hacking toolkit with those core capabilities.
PentestGPT is an autonomous security testing framework that leverages large language models to plan, execute, and coordinate end-to-end penetration testing engagements. By functioning as an autonomous agent, the system automates the entire testing lifecycle, from initial reconnaissance and vulnerability analysis to the generation of custom exploits and the execution of post-exploitation tasks. The platform distinguishes itself through a multi-agent orchestration system that coordinates specialized AI agents to collaborate on complex, multi-stage attack chains. It integrates multimodal context
PentestGPT is an autonomous penetration testing framework that uses AI agents to coordinate the full testing lifecycle—reconnaissance, vulnerability analysis, exploit generation, and post-exploitation—fitting the search for a comprehensive security assessment tool.
CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize
CrackMapExec is a dedicated network penetration testing framework that supports multi-protocol scanning, credential spraying, post-exploitation enumeration, and lateral movement—all core capabilities of an ethical hacking toolkit—and its modular plugin architecture directly matches the requested features.
afrog is an HTTP vulnerability scanner and web vulnerability management system that identifies security flaws and known CVEs using a YAML-based rule engine. It functions as a payload generator and scanner, comparing server responses against detection rules to find unauthorized access points. The project provides a framework for out-of-band security testing, detecting blind vulnerabilities by triggering and verifying external DNS or HTTP callbacks. Beyond web traffic, it includes a protocol fuzzer capable of executing multi-step read and write sequences over raw TCP and SSL sockets to identify
afrog is a YAML-driven HTTP vulnerability scanner and out-of-band testing framework with network scanning, protocol fuzzing, and reporting, which fits the penetration-testing and security-assessment category but is focused on vulnerability detection rather than full post-exploitation or exploit delivery.
Empire is a command and control framework and post-exploitation toolkit used for network penetration testing. It serves as a centralized platform for coordinating remote agent communication and automating the delivery of security testing payloads to target systems. The project provides a suite of modules for host reconnaissance, lateral movement, and credential harvesting across corporate environments. It functions as a remote administration tool to maintain persistence and execute commands on compromised hosts. The framework incorporates capabilities for agent orchestration and the executio
Empire is a command-and-control framework and post-exploitation toolkit for network penetration testing, but it focuses on agent orchestration and lateral movement rather than providing network scanning, exploit modules, or vulnerability detection from the start.
Nmap is a command-line network security scanner and reconnaissance framework designed for infrastructure mapping and security auditing. It functions as a packet crafting utility that probes target systems to identify active hosts, detect open ports, and determine the services and operating systems running on a network. The tool distinguishes itself through its ability to perform raw socket packet injection and stateful connection tracking, allowing it to bypass standard operating system networking stacks. It utilizes an asynchronous concurrency model to manage large-scale network scans and em
Nmap is the industry-standard network mapper and security scanner, widely used in penetration testing for host discovery, port scanning, and service detection—it integrates NSE scripts for some exploitation and vulnerability detection, making it a core reconnaissance tool, though it lacks full post-exploitation and reporting modules.
Nuclei is a modular security scanning framework designed for automated vulnerability detection and infrastructure reconnaissance. It functions as a template-driven engine that executes security checks across diverse network protocols, allowing users to define custom detection logic to identify vulnerabilities, misconfigurations, and exposed assets. The platform distinguishes itself through its highly extensible architecture, which supports distributed scanning, headless browser automation for dynamic web content, and out-of-band interaction monitoring to detect blind vulnerabilities. It integ
Nuclei is a template-driven scanning framework that automates vulnerability detection across diverse protocols, making it a direct fit for penetration testing and security assessment; it lacks explicit post-exploitation modules but excels in modular, extensible scanning and reporting.
TheFatRat is a security exploitation framework designed to automate the creation, obfuscation, and deployment of payloads for penetration testing. It functions as a comprehensive toolkit that streamlines the exploitation lifecycle, enabling users to generate malicious executables, manage network listeners, and execute post-exploitation tasks through a unified command-line interface. The framework distinguishes itself by integrating various third-party exploitation utilities into a single, orchestrated workflow. It provides specialized capabilities for embedding code into legitimate binaries a
TheFatRat is a penetration testing framework focused on automated payload creation, obfuscation, and deployment with post-exploitation capabilities, making it a relevant tool for ethical hacking, though it does not natively include network scanning or vulnerability detection.
PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment. The framework focuses on techniques that leverage native system administration tools and scripting environments to perform operations. It includes capabilities for executing arbitrary commands, escalating user privileges, and maintaining system persistence through event subscriptions. By utilizing in-memory execu
PowerSploit is a PowerShell-based penetration testing framework focused on Windows security assessment and post-exploitation, which directly matches the search for an ethical hacking toolkit, though it is limited to Windows environments and does not cover all desired features like multi-protocol support or standalone reporting.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Nishang is a PowerShell-based offensive security framework designed for post-exploitation and payload generation on Windows targets, which squarely fits the penetration testing toolkit category but lacks explicit network scanning and vulnerability detection features.
This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating ext
z4nzu/hackingtool is a modular collection of various cybersecurity tools unified into a single command-line interface, making it a practical ethical hacking toolkit that covers network scanning, exploits, and web attacks through its aggregated utilities — it fits the search for an open-source penetration testing suite, though it acts as a tool launcher rather than a standalone framework with its own exploit engine.
w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
w3af is a web application penetration testing framework that provides vulnerability scanning, exploitation, and an intercepting proxy; it matches your search for an open-source ethical hacking toolkit, though its scope is limited to web apps rather than general network penetration testing.
Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific exe
Jaykali/Maskphish is a multi-purpose penetration testing toolkit that combines network vulnerability scanning, phishing, social engineering, and remote access building, but its focus on those specific areas means it is a narrower tool rather than a comprehensive general-purpose framework.
BeEF is a modular security testing environment designed for browser exploitation and web application auditing. It functions as a platform for security professionals to evaluate client-side defenses by injecting persistent scripts into web browsers, establishing a bidirectional communication channel for remote command execution and data exfiltration. The framework distinguishes itself through its ability to use compromised browser sessions as proxies to conduct internal network reconnaissance, effectively bypassing perimeter security controls. It utilizes an event-driven control interface and
BeEF is a penetration testing framework specialised in browser exploitation and web application auditing, offering modular architecture, exploit modules, post‑exploitation, and internal network reconnaissance—a solid fit for security assessment, though lacking broad network scanning and multi‑protocol support.
Trape is a browser-based remote access tool and exploit framework designed for gathering device geolocation, hardware profiles, and network data. It functions as an open-source intelligence platform and a system for executing custom scripts and triggering browser vulnerabilities to capture credentials or monitor device activity. The project features a real-time geolocation tracker capable of retrieving precise physical coordinates and monitoring individual movement, including silent acquisition that bypasses standard location prompts. It further provides a network tunneling service to make lo
Trape is a browser-based remote access and exploit framework focused on geolocation tracking, OSINT gathering, and credential capture, so it fits the penetration testing toolkit search but is narrower in scope than a full-featured framework covering all required features like multi-protocol support and broad exploit modules.
Pacu is an exploitation framework designed for auditing and testing the security of Amazon Web Services environments. It serves as a cloud penetration testing tool and resource enumerator used to identify misconfigurations, map attack surfaces, and execute privilege escalation paths. The framework provides specialized capabilities for post-exploitation and red team operations, including establishing persistence through identity and access management backdooring. It distinguishes itself with a plugin-based module system that allows for the development of custom tasks and the orchestration of A
Pacu is an exploitation framework focused on AWS cloud penetration testing with a modular plugin system and post-exploitation capabilities, fitting the security assessment toolkit category but limited to AWS environments rather than covering general network scanning or multi-protocol exploits.
reconftw is an attack surface management framework and reconnaissance workflow orchestrator designed to automate the discovery, mapping, and monitoring of external digital assets. It operates as a modular tool-chain pipeline that coordinates a sequence of security tools to perform intelligence gathering and vulnerability scanning. The project distinguishes itself through a cloud-native deployment model that parallelizes scanning workloads across a fleet of remote VPS instances to bypass local resource constraints. It utilizes container-based environment isolation to ensure consistent executio
reconftw is an attack‑surface management and reconnaissance orchestration framework that automates intelligence gathering and vulnerability scanning—this makes it a genuine penetration‑testing toolkit, though it specializes in asset mapping and detection rather than full exploitation or post‑exploitation.
OWASP ZAP is a dynamic application security testing tool and intercepting HTTP proxy used to find vulnerabilities in web applications. It functions as a penetration testing framework that enables both automated security scanning and manual security testing of running web services. The tool provides a suite of capabilities for analyzing web applications from the outside in, including the ability to capture and modify traffic between a browser and a target application. It is designed to integrate into DevSecOps pipelines to provide consistent security checks across different environments.
OWASP ZAP is a dynamic application security testing tool and intercepting proxy specifically for web application penetration testing, providing automated scanning, vulnerability detection, and a modular plugin architecture, but it focuses on HTTP-based applications and lacks general network scanning, multi-protocol exploit modules, and post-exploitation features, so it serves as a narrower fit for a broad pentesting framework.
| Repositorio | Estrellas | Lenguaje | Licencia | Último push |
|---|---|---|---|---|
| shadow1ng/fscan | 13.4K | Go | mit | |
| infinition/bjorn | 5.7K | Python | mit | |
| pennyw0rth/netexec | 5.3K | Python | bsd-2-clause | |
| rapid7/metasploit-framework | 38.4K | Ruby | NOASSERTION | |
| manisso/fsociety | 12.1K | Python | MIT | |
| greydgl/pentestgpt | 11.7K | Python | mit | |
| byt3bl33d3r/crackmapexec | 9.1K | Python | BSD-2-Clause | |
| zan8in/afrog | 4.2K | Go | mit | |
| empireproject/empire | 7.8K | PowerShell | bsd-3-clause | |
| nmap/nmap | 13.1K | C | NOASSERTION |