InfoSecWarrior/Offensive-Pentesting-Web external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

InfoSecWarrior/Offensive-Pentesting-Web

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/InfoSecWarrior/Offensive-Pentesting-Web)

Close

InfoSecWarrior / Offensive-Pentesting-WebView on GitHubMore

• External links
• Readme badge

A proper approach to pentest a Web application with the mixture of all useful payloads and complete testing guidance of attacks. Designed as a quick reference cheat sheet for your pentesting and bug bounty engagement.

☆101Feb 12, 2025Updated last year

Alternatives and similar repositories for Offensive-Pentesting-Web

Users that are interested in Offensive-Pentesting-Web are comparing it to the libraries listed below

• InfoSecWarrior / Offensive-Pentesting-Scripts

  View on GitHub
  Scripts that are intended to help you in your pen-testing and bug-hunting efforts by automating various manual tasks, making your work mo…
  ☆98Sep 27, 2025Updated 5 months ago
• InfoSecWarrior / Offensive-Pentesting-Resources

  View on GitHub
  ☆13Oct 16, 2025Updated 4 months ago
• InfoSecWarrior / Offensive-Recon

  View on GitHub
  Passive Reconnaissance Techniques Approach helps for penetration testing and bug bounty hunting by gathering information about a target s…
  ☆20Aug 19, 2025Updated 6 months ago
• InfoSecWarrior / Offensive-Payloads

  View on GitHub
  List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
  ☆427Sep 20, 2024Updated last year
• Krypteria / Ant

  View on GitHub
  Ant is a post-exploitation tool designed to automate the deployment of tunnels and port forwarding based on a predefined topology configu…
  ☆17Jan 31, 2024Updated 2 years ago
• InfoSecWarrior / Kali-Linux-Configuration

  View on GitHub
  Comprehensive guide to configuring Kali Linux, a Debian-based Linux distribution designed for penetration testers. The guide covers every…
  ☆36Jan 6, 2025Updated last year
• post-cyberlabs / CVE-Advisory

  View on GitHub
  Publishing advisories for CVEs found by POST Cyberforce
  ☆13Jan 7, 2025Updated last year
• toneemarqus / OSCP-notes

  View on GitHub
  ☆11Dec 17, 2023Updated 2 years ago
• TH3xACE / genAvatar

  View on GitHub
  This script was developped to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based o…
  ☆13Feb 6, 2023Updated 3 years ago
• OWASP / www-project-penetration-testing-kit

  View on GitHub
  OWASP Foundation Web Respository
  ☆26Jan 27, 2026Updated last month
• trapsocialenginer / DcRat

  View on GitHub
  ☆10Jan 30, 2022Updated 4 years ago
• an4kein / REST_API

  View on GitHub
  API research and learning
  ☆12May 22, 2019Updated 6 years ago
• rodolfomarianocy / Tricks-Web-Pentest

  View on GitHub
  Web Application Penetration Testing
  ☆146May 4, 2025Updated 9 months ago
• ExAndroidDev / rtlo-attack

  View on GitHub
  Right-To-Left Override POC
  ☆36Mar 21, 2022Updated 3 years ago
• LeakIX / l9fuzz

  View on GitHub
  Help fuzz various protocols and waits for ping backs Integrates LDAP server and JNDI payload
  ☆11Dec 27, 2021Updated 4 years ago
• t3ntman / Red-Team-Scripts

  View on GitHub
  Collection of scripts that I have used on Red Team engagements
  ☆16Feb 15, 2018Updated 8 years ago
• frizb / Powershell-Cheatsheet

  View on GitHub
  Hand list of Powershell commands frequently used during penetration tests
  ☆15Oct 14, 2018Updated 7 years ago
• Tib3rius / privesc-setup

  View on GitHub
  ☆30Aug 22, 2019Updated 6 years ago
• thecybermafia / OffensivePowerShell

  View on GitHub
  Powershell modules and commands that come in handy for pentests and red team assessments.
  ☆18Oct 31, 2018Updated 7 years ago
• CyberSecurityUP / Awesome-Exploit-Development

  View on GitHub
  ☆103Aug 31, 2021Updated 4 years ago
• ByteHackr / AwesomeMobilePentest

  View on GitHub
  Awesome Mobile Application Penetration Testing Cheat Sheet
  ☆14May 29, 2021Updated 4 years ago
• hoodoer / postBasedXSS

  View on GitHub
  Demo of various ways to exploit post based reflected XSS
  ☆18Jul 6, 2023Updated 2 years ago
• raesene / OWASP_Web_App_Testing_Cheatsheet_Converter

  View on GitHub
  OWASP Web Application Testing Cheat Sheet converted to tool formats
  ☆25Jan 20, 2017Updated 9 years ago
• apurvsinghgautam / Crawl_Analyze_Top1_Million

  View on GitHub
  A research project to crawl and analyze Top 1 million domains
  ☆22Feb 7, 2023Updated 3 years ago
• MTK911 / pentest-report-template

  View on GitHub
  Pentesting report template for the masses
  ☆16Apr 2, 2020Updated 5 years ago
• jhwohlgemuth / zsh-pentest

  View on GitHub
  Aliases and functions for the lazy penetration tester
  ☆69Jan 28, 2024Updated 2 years ago
• arty-hlr / syscall_info

  View on GitHub
  Quick script to find info about a syscall in a target architecture
  ☆18Jan 8, 2020Updated 6 years ago
• CyberSecurityUP / Web-PenTest-Resume-Tips

  View on GitHub
  ☆20May 18, 2022Updated 3 years ago
• netbiosX / CheatSheets

  View on GitHub
  Commands to perform various activities related to penetration testing and red teaming
  ☆21Jan 17, 2020Updated 6 years ago
• h4md153v63n / eLearnSecurity-Web-Application-Penetration-Tester-eXtreme-eWPTXv2

  View on GitHub
  eLearnSecurity Web application Penetration Tester eXtreme (eWPTXv2)
  ☆28Feb 6, 2024Updated 2 years ago
• unix-ninja / redteamnotebook

  View on GitHub
  An experiment to address digital intelligence archiving on offensive engagements.
  ☆26Sep 30, 2020Updated 5 years ago
• mrvcoder / Bug-Hunting-methodologies

  View on GitHub
  this repo contains some public methodologies which I found from internet (google,telegram,discord,writeups etc..)
  ☆30May 30, 2024Updated last year
• cckuailong / Log4j_CVE-2021-45046

  View on GitHub
  Log4j 2.15.0 Privilege Escalation -- CVE-2021-45046
  ☆21Dec 23, 2021Updated 4 years ago
• hakluke / hakfindinternaldomains

  View on GitHub
  Feed it a list of subdomains, it will resolve them and tell you which ones are internal
  ☆93Nov 21, 2021Updated 4 years ago
• ins1gn1a / WoollyMammoth

  View on GitHub
  Toolkit for manual buffer exploitation, which features a basic network socket fuzzer, offset pattern generator and detector, bad characte…
  ☆24Nov 24, 2019Updated 6 years ago
• ajinabraham / aws_security_tools

  View on GitHub
  Scripts and tools for AWS Pentest
  ☆53Oct 22, 2020Updated 5 years ago
• kh4sh3i / Application-Security-Interview-Questions

  View on GitHub
  Here are some common interview questions for an application security position you can review for your own interview, along with example a…
  ☆31Apr 17, 2022Updated 3 years ago
• antman1p / GD-Thief

  View on GitHub
  Red Team tool for exfiltrating files from a target's Google Drive that you have access to, via Google's API.
  ☆59Sep 2, 2021Updated 4 years ago
• The-XSS-Rat / BugHuntingNotes

  View on GitHub
  ☆31Jan 28, 2020Updated 6 years ago