A proper approach to pentest a Web application with the mixture of all useful payloads and complete testing guidance of attacks. Designed as a quick reference cheat sheet for your pentesting and bug bounty engagement.
☆112Feb 12, 2025Updated last year
Alternatives and similar repositories for Offensive-Pentesting-Web
Users that are interested in Offensive-Pentesting-Web are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scripts that are intended to help you in your pen-testing and bug-hunting efforts by automating various manual tasks, making your work mo…☆103May 14, 2026Updated last month
- Passive Reconnaissance Techniques Approach helps for penetration testing and bug bounty hunting by gathering information about a target s…☆20Aug 19, 2025Updated 10 months ago
- ☆13Oct 16, 2025Updated 8 months ago
- Anti-forensics tool Inspired by NSA's Marble framework.☆10Apr 17, 2025Updated last year
- Help fuzz various protocols and waits for ping backs Integrates LDAP server and JNDI payload☆11Dec 27, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Collection of Penetration Testing Interview Questions across various domains, including Information Security, Network Security, Web Secur…☆70Aug 19, 2025Updated 10 months ago
- A high-performance domain scanner that discovers active domains by testing multiple Top-Level Domains (TLDs) for given domain names.☆34Apr 20, 2026Updated 2 months ago
- OWASP Foundation Web Respository☆28Jun 22, 2026Updated last week
- Tutorials and Things to Do while Hunting Vulnerability.☆13Aug 30, 2022Updated 3 years ago
- Enterprise SOC Lab with automated threat detection, SOAR orchestration, and incident response☆31Jan 21, 2026Updated 5 months ago
- Web Application Penetration Testing☆156Jun 2, 2026Updated last month
- ☆30Aug 22, 2019Updated 6 years ago
- ☆103Aug 31, 2021Updated 4 years ago
- ☆11Dec 17, 2023Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Autorev.sh generates reverse shell codes for reverse shell . Supports linux and windows☆17Apr 8, 2022Updated 4 years ago
- API research and learning☆12May 22, 2019Updated 7 years ago
- this repo contains some public methodologies which I found from internet (google,telegram,discord,writeups etc..)☆34May 30, 2024Updated 2 years ago
- Burp suite extension which help you to find inconsistency between content-type header and body parsers☆12Sep 14, 2025Updated 9 months ago
- Publishing advisories for CVEs found by POST Cyberforce☆13Jan 7, 2025Updated last year
- OWASP Web Application Testing Cheat Sheet converted to tool formats☆25Jan 20, 2017Updated 9 years ago
- Powershell modules and commands that come in handy for pentests and red team assessments.☆22Oct 31, 2018Updated 7 years ago
- This script was developped to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based o…☆13Feb 6, 2023Updated 3 years ago
- An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.☆58Apr 19, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Right-To-Left Override POC☆36Mar 21, 2022Updated 4 years ago
- Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently.☆82Dec 30, 2021Updated 4 years ago
- Collection of fuzzing payloads and corpus from all around added as sub modules☆15Mar 26, 2026Updated 3 months ago
- Hack instagram using simple bruteforce method ✨☆12Aug 13, 2024Updated last year
- Virtual scenario for Network Penetration Testing☆14Mar 19, 2017Updated 9 years ago
- Scripts and tools for AWS Pentest☆53Oct 22, 2020Updated 5 years ago
- In this repo, I have included the tools that i used for my everyday penetration tests, if you have just installed kali and lost your tool…☆31Oct 16, 2024Updated last year
- A research project to crawl and analyze Top 1 million domains☆25Feb 7, 2023Updated 3 years ago
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Application Security Mind Maps☆12Apr 10, 2021Updated 5 years ago
- 🌩Using CodeQL To Conduct JavaScript Security Analysis Against Modern Web Applications☆20Oct 16, 2024Updated last year
- ☆20May 18, 2022Updated 4 years ago
- XSS scanning with Dalfox on Github-action☆26Nov 26, 2023Updated 2 years ago
- A general purpose packet marshaling library☆11Feb 6, 2026Updated 4 months ago
- OSCP Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines☆13Oct 17, 2023Updated 2 years ago
- ProtOSINT is a Python script that helps you investigate Protonmail accounts and ProtonVPN IP addresses☆13Sep 2, 2022Updated 3 years ago