Scripts that are intended to help you in your pen-testing and bug-hunting efforts by automating various manual tasks, making your work more efficient and effective.
☆98Sep 27, 2025Updated 5 months ago
Alternatives and similar repositories for Offensive-Pentesting-Scripts
Users that are interested in Offensive-Pentesting-Scripts are comparing it to the libraries listed below
Sorting:
- A proper approach to pentest a Web application with the mixture of all useful payloads and complete testing guidance of attacks. Designed…☆101Feb 12, 2025Updated last year
- Penetration testing tools cheat sheet, a quick reference high level overview for typical penetration testing engagements. Convenient comm…☆94Oct 13, 2025Updated 4 months ago
- Comprehensive guide to configuring Kali Linux, a Debian-based Linux distribution designed for penetration testers. The guide covers every…☆36Jan 6, 2025Updated last year
- Passive Reconnaissance Techniques Approach helps for penetration testing and bug bounty hunting by gathering information about a target s…☆19Aug 19, 2025Updated 6 months ago
- List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.☆427Sep 20, 2024Updated last year
- ☆13Oct 16, 2025Updated 4 months ago
- Automate Nuclei scans and streamline bug hunting workflows☆21Feb 16, 2024Updated 2 years ago
- A powerful and clean bash script to dump and extract information from Project Discovery's Chaos Project https://chaos.projectdiscovery.io…☆25Mar 31, 2022Updated 3 years ago
- Scan websites CSP policies and visualise their vunlnerabilities from a dashboard☆13Mar 11, 2025Updated 11 months ago
- PrettyRecon-cli is an unofficial cli client for PrettyRecon. This tool can be used to trigger various tasks on prettyrecon as well as fe…☆10May 9, 2025Updated 9 months ago
- robertfoster's PKGBUILD☆12Updated this week
- All combinations of various characters, to get the desired word☆20Dec 13, 2023Updated 2 years ago
- top usernames from azure survey 2025☆14Apr 25, 2025Updated 10 months ago
- ☆11Jun 5, 2022Updated 3 years ago
- Just some random Red Team Scripts that can be useful☆153Jun 28, 2024Updated last year
- ☆11Dec 17, 2023Updated 2 years ago
- MCP wrapper for Hashcat – automate hash cracking with natural language☆24Jun 5, 2025Updated 8 months ago
- ☆12Apr 5, 2025Updated 10 months ago
- Security and Privacy Failures in Popular 2FA Apps☆20Oct 5, 2023Updated 2 years ago
- This script was developped to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based o…☆13Feb 6, 2023Updated 3 years ago
- Collections of Tools, Bookmarks, and other guides created to aid in OSINT collection☆18Aug 18, 2021Updated 4 years ago
- ☆32Updated this week
- Powershell Scripts for Blue Team members☆11Dec 1, 2023Updated 2 years ago
- Bypass 403 pages☆130Jun 30, 2024Updated last year
- Deploy a phishing infrastructure on the fly.☆77Dec 21, 2024Updated last year
- nmap nse script for scan a whole country☆13Jun 28, 2022Updated 3 years ago
- nTask is a distributed task management program that allows you to distribute tasks across multiple computers using API communication and …☆16Feb 19, 2026Updated last week
- NeXSS is a modern, self-hosted Blind XSS (Cross-Site Scripting) hunter and callback listener built with Next.js. It helps security resear…☆30Jan 14, 2026Updated last month
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆18Oct 15, 2020Updated 5 years ago
- Source code and examples for PassiveAggression☆64Jun 6, 2024Updated last year
- Metabase Pre-auth RCE☆12Aug 3, 2023Updated 2 years ago
- Fast and customizable Firebase api and Project ID extractor .☆18Dec 10, 2023Updated 2 years ago
- ☆44Oct 11, 2025Updated 4 months ago
- ☆15Feb 5, 2025Updated last year
- A structured red-team prompt for generating ethical hacking tools using AI - designed for use in labs, CTFs, and authorized security asse…☆25Jun 26, 2025Updated 8 months ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆18Apr 4, 2023Updated 2 years ago
- Parallelized enumeration tool for red team engagements and bug bounty programs.☆16Mar 31, 2021Updated 4 years ago
- Discovering Typo Squatting on your domains!☆80Jul 30, 2024Updated last year
- Want to crack passwords faster by using a wordlist that fits your 'target audience'? Use WikiRaider.☆45Feb 2, 2024Updated 2 years ago