Alternatives and similar repositories for CTFs:

Users that are interested in CTFs are comparing it to the libraries listed below

• Edd13Mora / RedFlags
  ☆14Updated last year
• RikunjSindhwad / Task-Ninja-Workflows
  This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja
  ☆24Updated 8 months ago
• 0xarun / s1mr3c
  Simple recon tool automates your recon process
  ☆17Updated 2 years ago
• Sicks3c / Reconizer
  ☆38Updated 4 years ago
• SirBugs / Offy
  offy is a tool for bugbounty hunters to save money in their EC2 instances
  ☆13Updated last year
• emadshanab / Extract-and-Probe-all-the-ips-associated-with-same-host-via-httpx
  ☆13Updated 3 years ago
• AmoloHT / CVE-2022-33891
  「💥」CVE-2022-33891 - Apache Spark Command Injection
  ☆26Updated 2 years ago
• Xib3rR4dAr / WannaRace
  WebApp intentionally made vulnerable to Race Condition for practicing Race Condition
  ☆25Updated 3 years ago
• hakivvi / CVE-2025-23369
  GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit
  ☆35Updated 3 months ago
• HernanRodriguez1 / EnumParameter
  ☆15Updated last year
• egrullon / Wounty
  Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…
  ☆14Updated 3 years ago
• Roni-Carta / onhandlers
  ☆13Updated 3 years ago
• deepak0401 / Front-Page-Exploit
  HTTP requests of FrontPage expolit
  ☆25Updated 11 years ago
• gwen001 / detectify-cves
  Find CVEs that don't have a Detectify modules.
  ☆22Updated 2 years ago
• 0xPugal / monitor.sh
  Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties
  ☆18Updated 11 months ago
• LeDoubleTake / nuclei-templates
  List of custom Nuclei templates
  ☆15Updated last year
• RandomRobbieBF / nuclei-drupal-sa
  Nuclei templates for drupal vulns... far from perfect
  ☆16Updated 4 months ago
• e1abrador / Burp-headerSnipper
  Burp extension used to snip any header from all the requests.
  ☆22Updated last year
• z3dc0ps / BBSSRF
  BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection
  ☆38Updated 2 years ago
• HernanRodriguez1 / ScanMySQLiErrorBased-Nuclei
  ☆21Updated 2 years ago
• c0brabaghdad1 / DVPA
  Damn Vulnerable PHP Application (DVPA) - It is Lab Written in The PHP lang, Which Contains PHP Type Juggling - RCE Challenges
  ☆32Updated 2 years ago
• root-tanishq / autorev.sh
  Autorev.sh generates reverse shell codes for reverse shell . Supports linux and windows
  ☆16Updated 3 years ago
• xnl-h4ck3r / auto-repeater
  Automated HTTP Request Repeating With Burp Suite
  ☆37Updated 2 years ago
• RxXwx3x / OSWE
  ☆20Updated 3 years ago
• notmarshmllow / credax
  Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.
  ☆10Updated 3 years ago
• System00-Security / findbbprograms
  Check if domain has bug bounty program or not
  ☆27Updated last year
• gosirys / Offensive
  Scripts/tools to destroy things
  ☆17Updated 3 years ago
• VitthalS / ivna
  Intentionally Vulnerable Nodejs Application & APIs
  ☆22Updated 3 years ago
• bot8080 / awesomeBugbounty
  ☆48Updated 4 years ago
• rohsec / chaosDump
  A powerful and clean bash script to dump and extract information from Project Discovery's Chaos Project https://chaos.projectdiscovery.io…
  ☆25Updated 3 years ago