Alternatives and similar repositories for playbooks

Users that are interested in playbooks are comparing it to the libraries listed below

• tjnull / pentest-arsenal
  A collection of tools that I use in CTF's or for assessments
  ☆102Updated 6 months ago
• kartikdurg / Terrible-Thick-Client
  "Terrible Thick Client" is a vulnerable application developed in C# .NET framework.
  ☆20Updated 2 years ago
• MrTurvey / Burp2API
  Converting your Burp Suite projects into JSON APIs which can be viewed with Swagger editor or imported into Postman.
  ☆66Updated 8 months ago
• mosesrenegade / PMapper
  A tool for quickly evaluating IAM permissions in AWS.
  ☆57Updated last year
• securelayer7 / not-a-vuln-list
  Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report
  ☆13Updated 6 months ago
• aleemladha / SANS-Workshop-Lab
  SANS Workshop: Active Directory Privilege Escalation with Empire!
  ☆32Updated last week
• stolenusername / cowitness
  CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …
  ☆125Updated last year
• carlospolop / Bruteforce-GCP-Permissions
  Use the GCP testIamPermissions functionality to bruteforce and discover your permissions
  ☆39Updated last month
• n0tspam / delepwn
  DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…
  ☆33Updated this week
• evildaemond / physsec-methodology
  A public, open source physical security methodology
  ☆46Updated last year
• Tib3rius / Copier
  A Burp extension to help pentesters copy requests / responses for reports.
  ☆48Updated last month
• Neuvik / BucketHoarder
  ☆55Updated last year
• PanosoikoGr / CloudTap
  Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…
  ☆42Updated last month
• Hackcraft-Labs / Fairplay
  Artifact monitoring that ensures fairplay
  ☆77Updated 6 months ago
• emptynebuli / dauthi
  dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…
  ☆42Updated last year
• nullenc0de / servicelens
  ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify …
  ☆77Updated 9 months ago
• vuusale / ParaMutator
  API fuzzer that exposes security flaws by sending malformed inputs
  ☆16Updated 11 months ago
• ms101 / EvilKnievelnoVNC
  Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing
  ☆49Updated 5 months ago
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆70Updated 3 years ago
• Verizon / verizon_burp_extensions_ai
  Verizon Burp Extensions: AI Suite
  ☆132Updated 3 months ago
• websecnl / MagicByteSelector
  Burp Suite Extension for inserting a magic byte into responder's request
  ☆25Updated last year
• nccgroup / cq
  ☆116Updated 2 years ago
• ApexPredator-InfoSec / AWAE-OSWE
  Review of AWAE.OSWE
  ☆31Updated 3 years ago
• hnsecurity / kraken
  Generate a report with charts and statistics about cracked passwords in XLSX format
  ☆33Updated 5 months ago
• mobilehackinglab / damn-exploitable-android-app-public-apk
  damn-exploitable-android-app-apk
  ☆40Updated 2 years ago
• TNCX-byte / PS_SSE_Shell
  A stealthy reverse shell built with native PowerShell and Server-Sent Events (SSE). No polling. No sockets. Just pure HTTP and real-time …
  ☆19Updated 3 months ago
• nullenc0de / Internal_Pentest
  Scripts that automate portions of pentests.
  ☆52Updated last week
• d-sec-net / VPK
  Vast.ai Password Kracking
  ☆80Updated last month
• Lucreza / WinDefExclusionFinder
  Small Script that permits to enumerate folders in Windows Defender Exclusion List with no Administrative privileges
  ☆24Updated 8 months ago
• Vsimpro / kiosk.vsim.xyz
  Source for kiosk.vsim.xyz -- tooling for browser-based, Kiosk mode testing.
  ☆26Updated last year