Alternatives and similar repositories for pwnfaces

Users that are interested in pwnfaces are comparing it to the libraries listed below

• beescuit / crosssiteshell
  A websocket-based reverse (javascript) shell for XSS attacks.
  ☆31Updated 3 years ago
• MayankPandey01 / Sparty-2.0
  An MS Sharepoint and Frontpage Auditing Tool
  ☆57Updated last year
• ferreiraklet / icmp_reverse_shell
  ☆44Updated 3 years ago
• 000pp / WSOB
  😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
  ☆27Updated 2 years ago
• H0j3n / EzpzSharepoint
  ☆27Updated 3 years ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆82Updated last year
• p0dalirius / CVE-2021-43008-AdminerRead
  Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability
  ☆87Updated last year
• jazzpizazz / BloodHound.py-Kerberos
  A Python based ingestor for BloodHound
  ☆85Updated 3 years ago
• c3l3si4n / quickcert
  A better way of querying certificate transparency logs
  ☆88Updated 8 months ago
• nowak0x01 / WPXStrike
  WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…
  ☆69Updated last year
• liquidsec / aspnetCryptTools
  Just some random small tools for dealing with asp.net Forms Authentication Cookies
  ☆29Updated 4 years ago
• mishmashclone / ManhNho-AWAE-OSWE
  https://github.com/ManhNho/AWAE-OSWE
  ☆11Updated 5 years ago
• optionalCTF / SSOh-No
  User enumeration and password spraying tool for testing Azure AD
  ☆70Updated 3 years ago
• kh4sh3i / ElasticSearch-Pentesting
  ElasticSearch exploit and Pentesting guide for penetration tester
  ☆29Updated 3 years ago
• carlosevieira / CVE-2022-40684
  PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)
  ☆87Updated 3 years ago
• BKreisel / sqlmap-websocket-proxy
  Tool to enable blind sql injection attacks against websockets using sqlmap
  ☆66Updated 7 months ago
• PenTestical / CVE-2020-9484
  ☆34Updated 3 years ago
• roughiz / lfito_rce
  LFI to RCE via phpinfo() assistance or via controlled log file
  ☆73Updated 2 years ago
• riramar / DesyncCL0
  A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.
  ☆36Updated 3 years ago
• vrechson / copy-to-bcheck
  BurpSuite extension to convert requests into bcheck scripts
  ☆33Updated 2 years ago
• sinsinology / CVE-2024-4358
  Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)
  ☆77Updated last year
• pimps / pdf-NTLMLeaker
  This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"
  ☆27Updated 7 years ago
• securebinary / o365sprayer
  An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.
  ☆48Updated 3 years ago
• puzzlepeaches / ffufw
  ☆145Updated last year
• p0dalirius / LFIDump
  A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.
  ☆77Updated last year
• ZephrFish / F5-CVE-2022-1388-Exploit
  Exploit and Check Script for CVE 2022-1388
  ☆58Updated this week
• w0Tx / generate-ad-username
  Simple python which takes FirstName and LastName to generate possible AD Usernames. Usefull for OSCP, Labs...
  ☆24Updated 10 months ago
• yavolo / Web-CTF-Cheatsheet
  Web CTF CheatSheet 🐈
  ☆34Updated 6 years ago
• nowak0x01 / Drupalwned
  Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…
  ☆40Updated last year
• PortSwigger / server-side-prototype-pollution
  ☆42Updated 2 years ago