Alternatives and similar repositories for pentesting:

Users that are interested in pentesting are comparing it to the libraries listed below

• rayhan0x01 / nodejs-websocket-sqli
  A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection
  ☆70Updated 4 years ago
• Keramas / DS_Walk
  Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.
  ☆58Updated 3 years ago
• borjmz / aspx-reverse-shell
  Aspx reverse shell
  ☆106Updated 5 years ago
• VikasVarshney / ssti-payload
  SSTI Payload Generator
  ☆89Updated 2 years ago
• cve-sandbox / jquery-ui
  CVE Collection of jQuery UI XSS Payloads
  ☆120Updated 2 years ago
• attackdebris / kerberos_enum_userlists
  Collection of username lists for enumerating kerberos domain users
  ☆90Updated 7 years ago
• jakabakos / CVE-2023-36664-Ghostscript-command-injection
  Ghostscript command injection vulnerability PoC (CVE-2023-36664)
  ☆121Updated last year
• evkl1d / CVE-2023-46604
  ☆30Updated last year
• elweth-sec / CVE-2023-2255
  CVE-2023-2255 Libre Office
  ☆57Updated last year
• expl0itabl3 / Toolies
  Ad hoc collection of Red Teaming & Active Directory tooling.
  ☆197Updated last year
• caday00 / mimikatz2.1.1
  Old version of mimikatz for OSCP labs
  ☆17Updated 4 years ago
• ibr0wse / RedTeam-PenTest-Cheatsheet-Checklist
  Red Teaming and Penetration Testing Checklist, Cheatsheet, Clickscript
  ☆86Updated last year
• Almorabea / Polkit-exploit
  Privilege escalation with polkit - CVE-2021-3560
  ☆118Updated 3 years ago
• horizon3ai / proxyshell
  Proof of Concept for CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207
  ☆112Updated last year
• byronkg / SharpGPOAbuse
  Precompiled executable
  ☆52Updated 2 months ago
• p0dalirius / Tomcat-webshell-application
  A webshell application and interactive shell for pentesting Apache Tomcat servers.
  ☆103Updated 2 months ago
• epi052 / cve-2018-15473
  Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
  ☆108Updated 11 months ago
• Acceis / exploit-CVE-2023-23752
  Joomla! < 4.2.8 - Unauthenticated information disclosure
  ☆82Updated last year
• ShutdownRepo / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆70Updated 8 months ago
• mohinparamasivam / Sudo-1.8.31-Root-Exploit
  Root shell PoC for CVE-2021-3156
  ☆65Updated 4 years ago
• SaumyajeetDas / CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
  Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)
  ☆114Updated last year
• abdoghazy2015 / ofbiz-CVE-2023-49070-RCE-POC
  ☆58Updated last year
• rexpository / powercat-v2.0
  Evade the boys in blue and acquire a reverse shell using powercat v2.0
  ☆54Updated 2 years ago
• UncleJ4ck / CVE-2021-41091
  POC for CVE-2021-41091
  ☆65Updated last year
• Jonoans / Umbraco-RCE
  Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
  ☆16Updated last year
• n3rdh4x0r / MS17-010_CVE-2017-0143
  MS17-010_CVE-2017-0143
  ☆37Updated last month
• p0dalirius / Joomla-webshell-plugin
  A webshell plugin and interactive shell for pentesting a Joomla website.
  ☆51Updated 2 years ago
• miko550 / CVE-2023-32315
  Openfire Console Authentication Bypass Vulnerability with RCE plugin
  ☆50Updated last year
• svdwi / OSWE-Labs-Poc
  Dockerized labs For Web Expert (OSWE) certification. Preparation for coming AWAE Training ...
  ☆104Updated 3 years ago
• chebuya / Havoc-C2-SSRF-poc
  CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit
  ☆73Updated 7 months ago