Alternatives and similar repositories for Pentesting

Users that are interested in Pentesting are comparing it to the libraries listed below

• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆31Updated 7 years ago
• thegsoinfosec / web-app
  Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…
  ☆28Updated 6 years ago
• ticarpi / my-pentesting-repo
  This is a set of tips and reminders for pentesting processes and scripts/programs. Initially for personal use, but if anyone else finds t…
  ☆52Updated 5 years ago
• vavkamil / BBClip
  Bug Bounty Clipboard
  ☆17Updated 5 years ago
• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Updated 6 years ago
• securityidiots / vhost_buster
  A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.
  ☆19Updated 6 years ago
• riyazwalikar / injection-attacks-nosql-talk
  Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019
  ☆22Updated 6 years ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆36Updated 2 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆46Updated 6 years ago
• ettic-team / EndpointFinder-Burp
  ☆32Updated 6 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆22Updated 5 years ago
• aungthurhahein / Red-Team-Curation-List
  A list to discover work of red team tooling and methodology for penetration testing and security assessment
  ☆78Updated 6 years ago
• samhaxr / XXRF-Shots
  XXRF Shots - Useful for testing SSRF vulnerability
  ☆74Updated 2 years ago
• InitRoot / fransRecon
  Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…
  ☆32Updated 5 years ago
• EdOverflow / curate
  A tool for fetching archived URLs (to be rewritten in Go).
  ☆40Updated 6 years ago
• secxena / credcheck
  Credentials Checking Framework
  ☆54Updated 2 years ago
• dsopas / XSS-oneliner-payload
  Compilation of JavaScript XSS oneliners payloads that rocks your nuts!
  ☆25Updated 8 years ago
• EdOverflow / h1-cli
  A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
  ☆39Updated 6 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆72Updated 5 years ago
• TROUBLE-1 / codeza
  This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.
  ☆36Updated 3 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 6 years ago
• rojan-rijal / ReconUI
  Alpha version code of Recon UI
  ☆14Updated 7 years ago
• rojan-rijal / Pyrate
  Practice Web App written in python with some vulnerabilities.
  ☆34Updated 4 years ago
• KendoClaw1 / Open-Redirection-Scanner
  a python tool used to scan for Open redirection vulnerability
  ☆20Updated 7 years ago
• Zombiehelp54 / CTF
  CTF Writeups
  ☆12Updated 2 years ago
• netscylla / JWT_Hacking
  Collection of scripts that aid in penetration testing of JSON Web Tokens
  ☆58Updated 6 years ago
• w9w / Open_Redirects_list
  -
  ☆11Updated 4 years ago
• plenumlab / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆39Updated 5 years ago
• GeneralEG / CVE-2019-15858
  Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)
  ☆32Updated 2 years ago
• hahwul / ras-fuzzer
  RAS(RAndom Subdomain) Fuzzer
  ☆42Updated 5 years ago