Alternatives and similar repositories for red-teaming

Users that are interested in red-teaming are comparing it to the libraries listed below

• substing / CVE-2020-24186_reverse_shell_upload
  ☆13Updated last year
• 0xPugal / monitor.sh
  Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties
  ☆18Updated last year
• e1abrador / Burp-headerSnipper
  Burp extension used to snip any header from all the requests.
  ☆23Updated last year
• RikunjSindhwad / Task-Ninja-Workflows
  This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja
  ☆23Updated 11 months ago
• mqst / gouge
  Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…
  ☆29Updated 11 months ago
• kaanatmacaa / CVE-2024-23897
  Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)
  ☆18Updated last year
• 0xElkot / wp-json-extractor
  ☆18Updated last year
• MINAD0 / XML-RPC-Check
  XML-RPC Vulnerability Checker and Directory Fuzzer
  ☆24Updated last year
• davidenetti / SoftwareSecurityNotes
  Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.
  ☆21Updated last year
• VKo9 / AD-attacks-automation-scripts
  This repository contains scripts about ACL abuse and any other active directory attacking methods.
  ☆36Updated last year
• nikhilpatel4 / FUZZ
  This repository contains the best fuzzing wordlist files
  ☆34Updated 7 months ago
• mux0x / mulef
  your bestfried for finding LinkedIn Employees on github
  ☆16Updated 2 years ago
• atulxerma / subtron
  "🔍 Subtron: Bash-driven subdomain seeker. Utilizes Subfinder, Amass, Assetfinder, and HTTPX to swiftly uncover live domains. Results sto…
  ☆23Updated 2 weeks ago
• HernanRodriguez1 / EnumParameter
  ☆15Updated last week
• execveat / burp-brief-editor-tab
  Burp Suite extension that makes your life easier by tucking the headers out of the way, so you can see the body content right away withou…
  ☆38Updated last year
• regorsec / Linux-Post-Exploitation
  Tips, Tricks, and Scripts for Linux Post Exploitation
  ☆38Updated 2 years ago
• mathis2001 / ParamFirstCheck
  ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …
  ☆35Updated last year
• xnl-h4ck3r / auto-repeater
  Automated HTTP Request Repeating With Burp Suite
  ☆38Updated 2 years ago
• devanshbatham / revwhoix
  A simple utility to perform reverse WHOIS lookups using whoisxml API
  ☆44Updated last year
• nowak0x01 / PrestaXSRF
  PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…
  ☆31Updated last year
• HernanRodriguez1 / ScanReflectedSSTI
  Template Nuclei SSTI
  ☆30Updated last year
• bigb0x / CVE-2024-40348
  POC for CVE-2024-40348. Will attempt to read /etc/passwd from target
  ☆31Updated 11 months ago
• CyberSecurityUP / k8senumeration
  Kubernetes, Clusters and Dockers Enumeration in GCP and AWS environments
  ☆13Updated last year
• zapstiko / SubdomainX
  Automated tool for domains & Subdomains Gathering
  ☆14Updated last year
• motikan2010 / CVE-2023-6063-PoC
  CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)
  ☆29Updated last year
• trickest / elasticsearch_index
  Manage attack surface data on Elasticsearch
  ☆22Updated last year
• whalebone7 / FfufMaster
  Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.
  ☆24Updated 2 years ago
• faiyazahmad07 / monitor_subdomains
  Monitor your target continuously for new subdomains!
  ☆26Updated 2 years ago
• ZephrFish / GoogD0rk
  ☆43Updated 2 months ago
• sea-erkin / log-snare
  LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities.
  ☆31Updated last year