Alternatives and similar repositories for playbooks

Users that are interested in playbooks are comparing it to the libraries listed below

• MrTurvey / Burp2API
  Converting your Burp Suite projects into JSON APIs which can be viewed with Swagger editor or imported into Postman.
  ☆69Updated 10 months ago
• PanosoikoGr / CloudTap
  Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…
  ☆44Updated 3 months ago
• tjnull / pentest-arsenal
  A collection of tools that I use in CTF's or for assessments
  ☆102Updated 8 months ago
• kartikdurg / Terrible-Thick-Client
  "Terrible Thick Client" is a vulnerable application developed in C# .NET framework.
  ☆20Updated 2 years ago
• vuusale / ParaMutator
  API fuzzer that exposes security flaws by sending malformed inputs
  ☆16Updated last year
• stolenusername / cowitness
  CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …
  ☆125Updated last year
• mosesrenegade / PMapper
  A tool for quickly evaluating IAM permissions in AWS.
  ☆58Updated last year
• aleemladha / SANS-Workshop-Lab
  SANS Workshop: Active Directory Privilege Escalation with Empire!
  ☆33Updated 2 weeks ago
• rndinfosecguy / OSWA-Experience-And-Exam-Preparation
  My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam
  ☆40Updated 2 years ago
• CyberSecurityUP / smart-contracts-audit-checklist
  ☆28Updated last year
• lem0nSec / eCXD
  A collection of exploits and exercises developed while preparing for the eCXD exam!
  ☆31Updated 2 years ago
• Tib3rius / Copier
  A Burp extension to help pentesters copy requests / responses for reports.
  ☆50Updated 3 months ago
• carlospolop / Bruteforce-GCP-Permissions
  Use the GCP testIamPermissions functionality to bruteforce and discover your permissions
  ☆40Updated 3 months ago
• TNCX-byte / PS_SSE_Shell
  A stealthy reverse shell built with native PowerShell and Server-Sent Events (SSE). No polling. No sockets. Just pure HTTP and real-time …
  ☆20Updated 5 months ago
• rodolfomarianocy / Tricks-Pentest-Active-Directory
  Repository with quick triggers to help during Pentest in an Active Directory environment.
  ☆45Updated 2 months ago
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆70Updated 3 years ago
• 0xJs / OSCP_cheatsheet
  ☆38Updated 4 years ago
• websecnl / MagicByteSelector
  Burp Suite Extension for inserting a magic byte into responder's request
  ☆25Updated 2 years ago
• d-sec-net / VPK
  Vast.ai Password Kracking
  ☆86Updated 3 months ago
• aancw / SSLPinDetect
  SSLPinDetect is a tool for analyzing Android APKs to detect SSL pinning implementations by scanning for known patterns in decompiled code…
  ☆41Updated last month
• evildaemond / physsec-methodology
  A public, open source physical security methodology
  ☆46Updated last year
• Neuvik / BucketHoarder
  ☆55Updated last year
• securelayer7 / not-a-vuln-list
  Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report
  ☆13Updated 8 months ago
• ApexPredator-InfoSec / AWAE-OSWE
  Review of AWAE.OSWE
  ☆31Updated 3 years ago
• Vsimpro / kiosk.vsim.xyz
  Source for kiosk.vsim.xyz -- tooling for browser-based, Kiosk mode testing.
  ☆26Updated last year
• jumpycastle / rre-burp
  Burp extension for Recursive Request Exploits (RRE) — DEFCON 2025
  ☆93Updated last month
• RakeshKengale / RaKKeN
  Information Security Information From Web
  ☆28Updated 2 months ago
• 808ale / AD_Pentest_Bundle
  Various AD tools needed for penetration testing in one place.
  ☆24Updated 2 years ago
• securitycipher / vulnerable-code-snippet
  Sample Vulnerable and Secure Code Snippets for Various Vulnerabilities
  ☆21Updated last year
• GhnimiWael / LDAPHunter
  LDAP Enumeration Tool for Pentesters
  ☆48Updated 5 months ago