A comprehensive WordPress vulnerability scanner and exploitation framework for authorized penetration testing. This tool automatically detects and exploits multiple WordPress security vulnerabilities (CVEs) to help security professionals identify and patch weaknesses.
☆70May 21, 2026Updated last month
Alternatives and similar repositories for Mephisto
Users that are interested in Mephisto are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- WordPress XML-RPC & WP-Login Bruteforce + Auto Uploader Powerful asynchronous bruteforce tool for WordPress sites via wp-login.php and …☆23Apr 22, 2025Updated last year
- Burp Suite extension + port-based highlighter: dedupes HTTP history into a live unique-request feed and color-codes attacker/victim traff…☆18Jul 7, 2026Updated last week
- My Main App Hacking CheckList☆31Jun 20, 2026Updated 3 weeks ago
- Curated Linux LPE corpus — 28 modules from 2016 to 2026, with detection rules. One command, safest-first root: skeletonkey --auto --i-kno…☆16Updated this week
- Kali Linux Polyglot Harness for Autonomous Pentesting/Cyber Security☆124May 14, 2026Updated 2 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- xnew is a fast, low-memory CLI that appends only unique lines to files. Built in Go for large datasets, it streams input efficiently and …☆27May 23, 2026Updated last month
- Next.js v16.2.4 Security PoC Collection (CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-2026-44574, CVE-2026-44578, CVE-2026-44573, …☆176May 12, 2026Updated 2 months ago
- ☆36May 5, 2026Updated 2 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆30Dec 20, 2025Updated 6 months ago
- FortiSandbox RCE Scanner — CVE-2026-39808☆26Apr 21, 2026Updated 2 months ago
- A modern HTTP and HTTPS interception proxy with custom-made extensions support.☆127Jun 17, 2026Updated 3 weeks ago
- NextSSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next.js WebSocket Upgrade Handler SSRF☆75May 15, 2026Updated 2 months ago
- A shellcode loader generator with support for multiple injection techniques, built for red team engagements.☆93Jul 1, 2026Updated last week
- mattew crawls target websites, extracts hidden attack surface, runs security analysis, fingerprints technology, and generates professiona…☆17Jul 2, 2026Updated last week
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A comprehensive Python-based OSINT (Open Source Intelligence) tool for email and phone number verification with breach detection, social …☆69Sep 9, 2025Updated 10 months ago
- Fortinet FortiClientEMS improper access control☆35Apr 20, 2026Updated 2 months ago
- API URL fuzzer that cross-joins hosts and paths into normalized URLs, probes them over HTTP, and reports responding endpoints.☆28Jun 11, 2026Updated last month
- The ultimate pentesting companion. Keep all your pentesting artifacts in one place.☆68Jun 20, 2026Updated 3 weeks ago
- A simple HAR-based JavaScript recon automation kit for organizing JS files, endpoints, secrets, and gf-filtered attack surface during bug…☆16May 20, 2026Updated last month
- Stealth hybrid URL mapper☆17May 1, 2026Updated 2 months ago
- Cortex C2 is a Open source Linux C2 inspired by the void link C2 framework☆43May 29, 2026Updated last month
- A tool for detecting subdomain takeover vulnerabilities by checking DNS records☆33May 28, 2026Updated last month
- A Caido plugin to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆42Apr 8, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Offensive security toolkit for Claude Code covering red team, exploit dev, AD attacks, EDR bypass, mobile pentest☆316Jul 3, 2026Updated last week
- AI 驱动的红队免杀知识库 — AI-generated red team evasion notes☆47Jun 23, 2026Updated 3 weeks ago
- ☆40Jun 4, 2026Updated last month
- Nuclei templates which I wrote myself☆10Jan 8, 2022Updated 4 years ago
- SpotifyC2 is a cybersecurity research project that demonstrates cloud-based command communication using Spotify playlists for command ret…☆166Jun 29, 2026Updated 2 weeks ago
- CVE-2026-21643☆18Mar 28, 2026Updated 3 months ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 7 months ago
- Tool to assist bug bounty hunters☆76Mar 23, 2026Updated 3 months ago
- AI-powered modular Active Directory red-team framework for authorized penetration testing, AD enumeration, attack-path analysis, Kerber…☆329Jun 11, 2026Updated last month
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Self-hosted Linux server protector that ACTS, not just alerts. SIGSTOP runaway processes, iptables-ban brute-forcers, take incident snaps…☆35May 7, 2026Updated 2 months ago
- DPG Campus Tool. Shrink massive PDFs to fit AI upload limits. Sanitize before uploading to reduce risk of exposing sensitive data.☆50Jan 20, 2026Updated 5 months ago
- CVE-2025-55182-bypass-waf☆30Jan 8, 2026Updated 6 months ago
- BurnWP Advanced Exploiter System instead Scanner & Custom Plugin for Pentester☆92Oct 5, 2025Updated 9 months ago
- Bug bounty agent framework for Claude Code, Codex, Gemini, Cursor, Windsurf, Copilot, and OpenClaw — 48 agents, 26 commands, 19 CLI tools…☆762Jun 12, 2026Updated last month
- The malicious IdP you were looking for. A weaponized Single Sign-On (SSO) Identity Provider (IdP) for security testing of OIDC and SAML 2…☆38Jun 6, 2026Updated last month
- TokenTwin Checker — Dual Token BAC/IDOR Tester for Burp Suite☆84Jun 28, 2026Updated 2 weeks ago