A proper approach to pentest a Web application with the mixture of all useful payloads and complete testing guidance of attacks. Designed as a quick reference cheat sheet for your pentesting and bug bounty engagement.
☆105Feb 12, 2025Updated last year
Alternatives and similar repositories for Offensive-Pentesting-Web
Users that are interested in Offensive-Pentesting-Web are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Penetration testing tools cheat sheet, a quick reference high level overview for typical penetration testing engagements. Convenient comm…☆100Oct 13, 2025Updated 6 months ago
- Passive Reconnaissance Techniques Approach helps for penetration testing and bug bounty hunting by gathering information about a target s…☆20Aug 19, 2025Updated 7 months ago
- ☆13Oct 16, 2025Updated 5 months ago
- List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.☆434Mar 16, 2026Updated 3 weeks ago
- Anti-forensics tool Inspired by NSA's Marble framework.☆10Apr 17, 2025Updated 11 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Help fuzz various protocols and waits for ping backs Integrates LDAP server and JNDI payload☆11Dec 27, 2021Updated 4 years ago
- Comprehensive guide to configuring Kali Linux, a Debian-based Linux distribution designed for penetration testers. The guide covers every…☆37Jan 6, 2025Updated last year
- Collection of Penetration Testing Interview Questions across various domains, including Information Security, Network Security, Web Secur…☆64Aug 19, 2025Updated 7 months ago
- Tutorials and Things to Do while Hunting Vulnerability.☆13Aug 30, 2022Updated 3 years ago
- Web Application Penetration Testing☆152May 4, 2025Updated 11 months ago
- ☆30Aug 22, 2019Updated 6 years ago
- ☆103Aug 31, 2021Updated 4 years ago
- ☆11Dec 17, 2023Updated 2 years ago
- Mrco24-Lfi-Scanner is a high-speed Local File Inclusion (LFI) vulnerability scanning tool developed in the Go programming language. It's …☆13Dec 16, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Autorev.sh generates reverse shell codes for reverse shell . Supports linux and windows☆17Apr 8, 2022Updated 4 years ago
- API research and learning☆12May 22, 2019Updated 6 years ago
- Burp suite extension which help you to find inconsistency between content-type header and body parsers☆11Sep 14, 2025Updated 7 months ago
- Publishing advisories for CVEs found by POST Cyberforce☆13Jan 7, 2025Updated last year
- OWASP Web Application Testing Cheat Sheet converted to tool formats☆25Jan 20, 2017Updated 9 years ago
- Powershell modules and commands that come in handy for pentests and red team assessments.☆21Oct 31, 2018Updated 7 years ago
- This script was developped to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based o…☆13Feb 6, 2023Updated 3 years ago
- Right-To-Left Override POC☆35Mar 21, 2022Updated 4 years ago
- Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently.☆80Dec 30, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Virtual scenario for Network Penetration Testing☆14Mar 19, 2017Updated 9 years ago
- A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)☆13May 2, 2019Updated 6 years ago
- Top 100 Hacking & Security E-Books (Free Download)☆10Feb 26, 2021Updated 5 years ago
- In this repo, I have included the tools that i used for my everyday penetration tests, if you have just installed kali and lost your tool…☆30Oct 16, 2024Updated last year
- WordPress File Upload RCE Exploit☆17Sep 1, 2025Updated 7 months ago
- A research project to crawl and analyze Top 1 million domains☆24Feb 7, 2023Updated 3 years ago
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- 🌩Using CodeQL To Conduct JavaScript Security Analysis Against Modern Web Applications☆20Oct 16, 2024Updated last year
- ☆20May 18, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- XSS scanning with Dalfox on Github-action☆26Nov 26, 2023Updated 2 years ago
- ☆10Jan 30, 2022Updated 4 years ago
- Magic Mirror module☆11Nov 29, 2023Updated 2 years ago
- NSEC3 Zone Walker☆13Nov 27, 2025Updated 4 months ago
- ☆15May 17, 2018Updated 7 years ago
- A module for MagicMirror which determines the status of devices on the network based on their MAC address.☆10May 14, 2023Updated 2 years ago
- Collection of scripts that I have used on Red Team engagements☆16Feb 15, 2018Updated 8 years ago