Alternatives and similar repositories for Pentest-Mapper

Users that are interested in Pentest-Mapper are comparing it to the libraries listed below

• EasyRecon / wappaGo
  ☆58Updated last year
• PortSwigger / pentest-mapper
  A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities
  ☆119Updated 2 years ago
• gwen001 / related-domains
  Find related domains of a given domain.
  ☆101Updated 2 years ago
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆191Updated 3 years ago
• j3ssie / cdnstrip
  Striping CDN & WAF IPs from a list of IP Addresses
  ☆80Updated 7 months ago
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆73Updated 2 years ago
• The-Login / DNS-Analyzer
  A Burp Suite extension for finding DNS vulnerabilities in web applications!
  ☆94Updated 2 years ago
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆63Updated 4 months ago
• Static-Flow / RepeaterSearch
  This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…
  ☆80Updated 2 years ago
• carlospolop / Pastos
  ☆58Updated 3 years ago
• six2dez / obsidian-pentesting-vault
  Sample Obsidian's vault for web pentesting
  ☆101Updated last year
• osmedeus / osmedeus-workflow
  Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
  ☆75Updated last year
• moeinfatehi / Backup-Finder
  A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…
  ☆163Updated last year
• BishopFox / Imperva_gzip_WAF_Bypass
  ☆159Updated 3 years ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆31Updated 2 years ago
• 0xmoot / s3sec
  Check AWS S3 instances for read/write/delete access
  ☆122Updated 3 years ago
• moeinfatehi / Admin-Panel_Finder
  A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
  ☆122Updated 3 years ago
• trickest / log4j
  Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.
  ☆112Updated 3 years ago
• hahwul / RegexPassive
  🔭 Collection of regexp pattern for security passive scanning
  ☆115Updated 2 years ago
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆49Updated 3 years ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆82Updated last year
• gnothiseautonlw / burp-shell-fwd-lfi
  A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration
  ☆77Updated 5 years ago
• daffainfo / my-nuclei-templates
  Some contributions in the nuclei-templates repository
  ☆60Updated 3 years ago
• DevSecOpsDocs / nuclearpond
  Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.
  ☆186Updated last year
• JonCooperWorks / burp-filefuzzer
  ☆33Updated 4 years ago
• cosad3s / hfinder
  Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE
  ☆54Updated last year
• Th0h0 / autopoisoner
  Web cache poisoning vulnerability scanner.
  ☆73Updated 3 years ago
• ahmad0x1 / ARWAD
  Advanced Reconnaissance and Web Application Discovery
  ☆88Updated 4 years ago
• carlospolop / Gorks
  ☆67Updated 2 years ago
• h1pmnh / sqli-dojo-docker
  A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment
  ☆45Updated last year