Scripts that are intended to help you in your pen-testing and bug-hunting efforts by automating various manual tasks, making your work more efficient and effective.
☆99Sep 27, 2025Updated 7 months ago
Alternatives and similar repositories for Offensive-Pentesting-Scripts
Users that are interested in Offensive-Pentesting-Scripts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Penetration testing tools cheat sheet, a quick reference high level overview for typical penetration testing engagements. Convenient comm…☆101Oct 13, 2025Updated 6 months ago
- A proper approach to pentest a Web application with the mixture of all useful payloads and complete testing guidance of attacks. Designed…☆105Feb 12, 2025Updated last year
- List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.☆438Mar 16, 2026Updated last month
- Passive Reconnaissance Techniques Approach helps for penetration testing and bug bounty hunting by gathering information about a target s…☆20Aug 19, 2025Updated 8 months ago
- NeXSS is a modern, self-hosted Blind XSS (Cross-Site Scripting) hunter and callback listener built with Next.js. It helps security resear…☆31Jan 14, 2026Updated 3 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Bypass 403 pages☆130Jun 30, 2024Updated last year
- ☆44May 4, 2025Updated 11 months ago
- Parallelized enumeration tool for red team engagements and bug bounty programs.☆16Mar 31, 2021Updated 5 years ago
- OpenAI Security Console - Python3 AI-powered Cybersecurity Framework☆16Mar 25, 2023Updated 3 years ago
- ☆11Dec 17, 2023Updated 2 years ago
- Burp Bounty Lab provides a safe, local target to validate that your Burp Bounty Pro scanner profiles detect vulnerabilities correctly. It…☆42Mar 16, 2026Updated last month
- All combinations of various characters, to get the desired word☆21Dec 13, 2023Updated 2 years ago
- Autorev.sh generates reverse shell codes for reverse shell . Supports linux and windows☆17Apr 8, 2022Updated 4 years ago
- This lab is for **EDUCATIONAL PURPOSES ONLY**. Use it responsibly and only on systems you own or have explicit permission to test. Do not…☆19Feb 20, 2026Updated 2 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- IP/FQDN data structure helper with randomization of hosts and ports based on masscan internal logic☆69Jul 7, 2024Updated last year
- top usernames from azure survey 2025☆16Apr 25, 2025Updated last year
- Monitor your target continuously for new subdomains!☆25Mar 18, 2023Updated 3 years ago
- Automate Nuclei scans and streamline bug hunting workflows☆21Feb 16, 2024Updated 2 years ago
- Burp extension to track your current IP address. Extension focused for red teams where the attacker needs to log all used IP addresses.☆26Nov 2, 2025Updated 6 months ago
- This script was developped to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based o…☆13Feb 6, 2023Updated 3 years ago
- ☆12Apr 5, 2025Updated last year
- Collections of Tools, Bookmarks, and other guides created to aid in OSINT collection☆18Aug 18, 2021Updated 4 years ago
- This little script for gathering chaos.projectdiscovery.io recon data in an organized way and finding the daily differences on it☆18Aug 9, 2020Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆11Jun 5, 2022Updated 3 years ago
- Scan websites CSP policies and visualise their vunlnerabilities from a dashboard☆13Mar 11, 2025Updated last year
- ☆13Apr 6, 2022Updated 4 years ago
- Deploy a phishing infrastructure on the fly.☆78Dec 21, 2024Updated last year
- Apuntes Pentesting a ActiveDirectory PentesterAcademy☆22Jun 9, 2019Updated 6 years ago
- A powerful and clean bash script to dump and extract information from Project Discovery's Chaos Project https://chaos.projectdiscovery.io…☆25Mar 31, 2022Updated 4 years ago
- A small script that automates Entra ID persistence with Windows Hello For Business key☆68Feb 16, 2025Updated last year
- JamfHound is a python3 project designed to collect and identify attack paths in Jamf Pro tenants based on existing object permissions by …☆130Apr 23, 2026Updated last week
- 🌩Using CodeQL To Conduct JavaScript Security Analysis Against Modern Web Applications☆20Oct 16, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Generate wordlists from Github repositories☆107Nov 25, 2023Updated 2 years ago
- Tool allows to convert text into Morse code and save to wav file.☆15Oct 17, 2013Updated 12 years ago
- Powershell tools used for Red Team / Pentesting.☆83Jan 8, 2024Updated 2 years ago
- Collection of Penetration Testing Interview Questions across various domains, including Information Security, Network Security, Web Secur…☆66Aug 19, 2025Updated 8 months ago
- A standalone Blind XSS Script.☆48Aug 15, 2025Updated 8 months ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆384May 19, 2023Updated 2 years ago
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆19Oct 15, 2020Updated 5 years ago