Alternatives and similar repositories for THM

Users that are interested in THM are comparing it to the libraries listed below

• calebstewart / RegistryBaseline

  View on GitHub
  Baseline/Test for persistence in common Windows Registry locations
  ☆23Jan 30, 2019Updated 7 years ago
• josh0xA / DoubleAgent

  View on GitHub
  Zero-Day Code Injection and Persistence Technique
  ☆35Mar 28, 2017Updated 8 years ago
• josh0xA / win32-iat

  View on GitHub
  Small attempt at a decent Import Address Table (IAT) Dumper
  ☆15Aug 25, 2024Updated last year
• oparkins / ignition-key.kali

  View on GitHub
  Ansible scripts to install tools and files wanted on a new Kali Machine
  ☆32Nov 22, 2019Updated 6 years ago
• calebstewart / python-sigma

  View on GitHub
  Python API for interacting with sigma rules.
  ☆54Jul 1, 2022Updated 3 years ago
• JohnHammond / sshkeys

  View on GitHub
  A weaponized technique for SSH to accept an inserted public/private key. Useful for red team effects.
  ☆15Mar 27, 2020Updated 5 years ago
• JohnHammond / security-resources

  View on GitHub
  A communal outpouring of online resources for learning different things in cybersecurity
  ☆471Sep 19, 2021Updated 4 years ago
• calebstewart / pam_sneaky

  View on GitHub
  A silly PAM module to allow authentication as any user with a single password.
  ☆62May 20, 2020Updated 5 years ago
• 0dayCTF / RustScan

  View on GitHub
  🤖 The Modern Port Scanner 🤖
  ☆22Jul 1, 2021Updated 4 years ago
• MuirlandOracle / Rickroll-Server

  View on GitHub
  Python TCP server for terminal rickrolls
  ☆13Nov 23, 2021Updated 4 years ago
• MandConsultingGroup / ring3-kit

  View on GitHub
  Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
  ☆80Dec 28, 2022Updated 3 years ago
• sachinn403 / HTB-CPTS-Notes

  View on GitHub
  Hack The Box CPTS command
  ☆30Jun 25, 2025Updated 7 months ago
• JohnHammond / pyminify

  View on GitHub
  Compress a Python script to a command-line one-liner
  ☆78Dec 31, 2022Updated 3 years ago
• kensh1ro / dart-shellcode

  View on GitHub
  A PoC executing shellcode in Dart
  ☆17Jun 28, 2022Updated 3 years ago
• cybertechajju / js4bugbounty

  View on GitHub
  ☆48Oct 11, 2025Updated 4 months ago
• MuirlandOracle / CVE-2019-17662

  View on GitHub
  Exploit code for CVE-2019-17662
  ☆18Sep 12, 2021Updated 4 years ago
• C0nd4 / vuln-labs

  View on GitHub
  A set of vulnerable machines rendered by Packer and Ansible scripts.
  ☆13Feb 15, 2021Updated 4 years ago
• ZonkSec / json_escape

  View on GitHub
  sqlmap tamper script for unicode escape inside json
  ☆14Dec 20, 2018Updated 7 years ago
• pentestfunctions / CVE-2024-48990-PoC-Testing

  View on GitHub
  Testing POC for use cases
  ☆25Nov 24, 2024Updated last year
• JohnHammond / PowerSploit

  View on GitHub
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆14Aug 17, 2020Updated 5 years ago
• JohnHammond / ignition_key

  View on GitHub
  This is a small BASH script to quickly setup all the tools I would want and need on a new machine.
  ☆151Jul 21, 2022Updated 3 years ago
• JohnHammond / GTFOBins.github.io

  View on GitHub
  Curated list of Unix binaries that can be exploited to bypass system security restrictions
  ☆35Apr 5, 2023Updated 2 years ago
• 4ndr34z / Enhanced-Hack-Tools

  View on GitHub
  The all-in-one Red Team extension for Web Pentester. Added more functionality
  ☆17Dec 21, 2021Updated 4 years ago
• JohnHammond / active_directory

  View on GitHub
  Notes and resources for the Active Directory YouTube series on https://youtube.com/JohnHammond010
  ☆126Jul 16, 2022Updated 3 years ago
• burmat / burmatscripts

  View on GitHub
  Scripts and One-Liners
  ☆20Jan 31, 2025Updated last year
• bsysop / blind-ssrf-chains

  View on GitHub
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆17Jan 31, 2021Updated 5 years ago
• aaditya2098 / noobstuffs

  View on GitHub
  Xss payload for bypassing waf
  ☆18Apr 18, 2020Updated 5 years ago
• Certs-Study / CRTP-Certified-Red-Team-Professional

  View on GitHub
  Welcome to RFS notes to CRTP - Certified Red Team Professional by Altered Security.
  ☆21Aug 20, 2024Updated last year
• samugit83 / TheGradientPath

  View on GitHub
  TheGradientPath is your hands-on guide to ML and AI, mixing bite-sized Python scripts, notebooks, and videos. Start with fundamentals, cl…
  ☆63Feb 8, 2026Updated last week
• 0xbad53c / osed-tools

  View on GitHub
  Tools/scripts I used/developed during the EXP-301 course.
  ☆26May 17, 2022Updated 3 years ago
• 1hehaq / oty

  View on GitHub
  Oty is a fast, customizable, CLI tool designed to streamline your Bug Bounty and Pentesting workflows. Powered by a simple yet flexible Y…
  ☆28Jan 27, 2025Updated last year
• k3idii / Deserek

  View on GitHub
  Python code to Serialize and Unserialize java binary serialization format.
  ☆30Jan 9, 2026Updated last month
• praetorian-inc / konstellation

  View on GitHub
  Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.
  ☆30Feb 2, 2026Updated last week
• 0dayCTF / awesome-shodan-queries

  View on GitHub
  🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻
  ☆22Oct 19, 2019Updated 6 years ago
• 0dayCTF / PayloadsAllTheThings

  View on GitHub
  A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  ☆59Apr 18, 2021Updated 4 years ago
• OWASP / www-project-top-25-parameters

  View on GitHub
  OWASP Foundation Web Respository
  ☆26Oct 11, 2025Updated 4 months ago
• xanhacks / OffensiveWeb

  View on GitHub
  Offensive Web is a documentation website about security research, difficult concepts, bypass and new exploitation techniques.
  ☆31May 4, 2025Updated 9 months ago
• Qxe5 / dysis

  View on GitHub
  Yu-Gi-Oh! Card Search Discord Bot
  ☆10Aug 13, 2023Updated 2 years ago
• IppSec / gobuster

  View on GitHub
  Directory/File, DNS and VHost busting tool written in Go
  ☆24Jan 3, 2020Updated 6 years ago