Al1ex / Awesome-Pentest

Related projects ⓘ

Alternatives and complementary repositories for Awesome-Pentest

• moeinfatehi / xss_vulnerability_challenges
  this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
  ☆116Updated 2 years ago
• Al1ex / Pentest-Command
  Pentest-Command
  ☆20Updated 3 years ago
• PortSwigger / sqli-py
  SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
  ☆88Updated last year
• tkmru / lazyCSRF
  A more useful CSRF PoC generator on Burp Suite
  ☆87Updated 2 years ago
• zorox0x / chaospy
  Small Tool written based on chaos from projectdiscovery.io
  ☆165Updated 3 weeks ago
• alita-ido / PHP-File-Writer
  ☆25Updated 4 years ago
• profmoriarity / rexsser
  This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.
  ☆75Updated 4 years ago
• NotSoSecure / SerializedPayloadGenerator
  ☆100Updated 2 years ago
• Ph33rr / Tools-Tips
  ☆14Updated 2 years ago
• ARPSyndicate / kenzer-templates
  essential templates for kenzer [DEPRECATED]
  ☆108Updated last year
• theLSA / burp-sensitive-param-extractor
  burpsuite extension for check and extract sensitive request parameter
  ☆110Updated 3 years ago
• Fadavvi / Sub-Drill
  A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
  ☆104Updated last week
• RedSection / pFuzz
  pFuzz helps us to bypass web application firewall by using different methods at the same time.
  ☆157Updated 3 years ago
• andripwn / PayloadsAll
  A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  ☆43Updated 5 years ago
• fuzz-security / hackerone-reports
  Top disclosed reports from HackerOne
  ☆8Updated 4 years ago
• machevalia / projectdiscoveryinstaller
  Script to quickly install Golang and the most popular PD repos
  ☆53Updated 2 months ago
• ryandamour / ssrfuzz
  SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities
  ☆184Updated 3 years ago
• SpiderMate / B-XSSRF
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆295Updated 5 years ago
• DonatoReis / Secbuild
  An automation tool to install the most popular tools for bug bounty or pentesting.
  ☆119Updated 3 months ago
• 0xDexter0us / Log4J-Scanner
  Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.
  ☆101Updated 2 years ago
• Warxim / vucsa
  Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is writt…
  ☆96Updated last year
• tombstoneghost / TIWAP
  Totally Insecure Web Application Project (TIWAP)
  ☆168Updated 10 months ago
• NitinYadav00 / My-Nuclei-Templates
  Nuclei Templates - Here you will find the templates I use while hunting
  ☆116Updated 3 years ago
• si9int / Subra
  A Web-UI for subdomain enumeration (subfinder)
  ☆53Updated 4 years ago
• sharathkramadas / k8s-nuclei-templates
  Nuclei templates for K8S security scanning
  ☆102Updated 2 years ago
• tyki6 / MyJWT
  A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
  ☆120Updated 3 weeks ago
• Mad-robot / wordpress-exploits
  All known and unknown public POC's for wordpress themes and plugins
  ☆78Updated 3 years ago
• devploit / XORpass
  Encoder to bypass WAF filters using XOR operations.
  ☆250Updated 2 years ago
• tismayil / ohmybackup
  Scan Victim Backup Directories & Backup Files
  ☆178Updated last year
• MrCl0wnLab / SimplesApachePathTraversal
  Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519
  ☆60Updated 2 months ago