Alternatives and similar repositories for pentestkit

Users that are interested in pentestkit are comparing it to the libraries listed below

• projectdiscovery / interactsh-web
  Web dashboard for Interactsh client
  ☆233Updated last month
• silentsignal / burp-text4shell
  Text4Shell scanner for Burp Suite
  ☆191Updated 3 years ago
• PortSwigger / active-scan-plus-plus
  ActiveScan++ Burp Suite Plugin
  ☆233Updated 2 months ago
• volkandindar / agartha
  A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…
  ☆384Updated last month
• brinhosa / apidetector
  APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …
  ☆343Updated 7 months ago
• zzzteph / probable_subdomains
  Subdomains analysis and generation tool. Reveal the hidden!
  ☆243Updated 4 months ago
• ThreatUnknown / jsubfinder
  jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
  ☆275Updated 9 months ago
• moeinfatehi / xss_vulnerability_challenges
  this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
  ☆117Updated 3 years ago
• Anof-cyber / PyCript
  Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
  ☆212Updated last month
• hackvertor / hackvertor
  ☆218Updated this week
• PortSwigger / autorize
  Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…
  ☆261Updated 11 months ago
• PortSwigger / auth-analyzer
  ☆107Updated last year
• win3zz / CVE-2023-25157
  CVE-2023-25157 - GeoServer SQL Injection - PoC
  ☆171Updated 2 years ago
• RapidDNS / Afuzz
  Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
  ☆303Updated 2 years ago
• ARPSyndicate / cve-scores
  EPSS & VEDAS Score Aggregator for CVEs
  ☆252Updated last week
• ivan-sincek / forbidden
  Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
  ☆249Updated last month
• tombstoneghost / TIWAP
  Totally Insecure Web Application Project (TIWAP)
  ☆175Updated last year
• cckuailong / pocsploit
  a lightweight, flexible and novel open source poc verification framework
  ☆237Updated 3 years ago
• AbstractEngine / pentest-muse-cli
  ☆236Updated last year
• positive-security / dompdf-rce
  RCE exploit for dompdf
  ☆182Updated 3 years ago
• tyki6 / MyJWT
  A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
  ☆136Updated last month
• NotSoSecure / SerializedPayloadGenerator
  ☆133Updated last month
• PortSwigger / logger-plus-plus
  Burp Suite Logger++: Log activities of all the tools in Burp Suite
  ☆181Updated last year
• projectdiscovery / nuclei-ai-extension
  Nuclei AI - Browser Extension for Rapid Nuclei Template Generation
  ☆536Updated 10 months ago
• Bandit-HaxUnit / haxunit
  ☆327Updated 3 months ago
• simioni87 / auth_analyzer
  Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
  ☆206Updated last year
• Acorzo1983 / SQLMapCG
  SQLMap Command Generator: A web-based tool to easily generate customizable SQLMap commands for testing SQL injection vulnerabilities. Fea…
  ☆75Updated 11 months ago
• PortSwigger / pentest-mapper
  A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities
  ☆120Updated last year
• d3mondev / burp-vps-proxy
  This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
  ☆244Updated 7 months ago
• projectdiscovery / nuclei-docs
  Nuclei documentation
  ☆84Updated 2 years ago