Alternatives and similar repositories for pentesting

Users that are interested in pentesting are comparing it to the libraries listed below

• positive-security / dompdf-rce
  RCE exploit for dompdf
  ☆180Updated 3 years ago
• Keramas / DS_Walk
  Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.
  ☆66Updated 4 years ago
• epi052 / cve-2018-15473
  Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
  ☆111Updated last year
• jakabakos / CVE-2023-36664-Ghostscript-command-injection
  Ghostscript command injection vulnerability PoC (CVE-2023-36664)
  ☆129Updated 2 years ago
• nth347 / CVE-2021-3129_exploit
  Exploit for CVE-2021-3129
  ☆68Updated 4 years ago
• Syzik / DockerRegistryGrabber
  Enumerate / Dump Docker Registry
  ☆180Updated last year
• VikasVarshney / ssti-payload
  SSTI Payload Generator
  ☆92Updated 3 years ago
• joeammond / CVE-2021-4034
  Python exploit code for CVE-2021-4034 (pwnkit)
  ☆171Updated 3 years ago
• expl0itabl3 / Toolies
  Ad hoc collection of Red Teaming & Active Directory tooling.
  ☆225Updated 2 years ago
• Almorabea / Polkit-exploit
  Privilege escalation with polkit - CVE-2021-3560
  ☆124Updated 4 years ago
• jephk9 / oscp-jewels
  Gitbook: OSCP-Jewels
  ☆12Updated 4 years ago
• attackdebris / kerberos_enum_userlists
  Collection of username lists for enumerating kerberos domain users
  ☆104Updated 8 years ago
• evkl1d / CVE-2023-46604
  ☆38Updated 2 years ago
• SaumyajeetDas / CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
  Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)
  ☆119Updated last year
• cve-sandbox / jquery-ui
  CVE Collection of jQuery UI XSS Payloads
  ☆119Updated 2 years ago
• rayhan0x01 / nodejs-websocket-sqli
  A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection
  ☆71Updated 4 years ago
• borjmz / aspx-reverse-shell
  Aspx reverse shell
  ☆118Updated 5 years ago
• teambi0s / dfunc-bypasser
  This tool is for letting you know how strong your disable_functions is and how you can bypass that.
  ☆141Updated 6 years ago
• p0dalirius / Tomcat-webshell-application
  A webshell application and interactive shell for pentesting Apache Tomcat servers.
  ☆124Updated 10 months ago
• cytopia / smtp-user-enum
  SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
  ☆159Updated last year
• volkandindar / agartha
  A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…
  ☆389Updated 3 weeks ago
• Sybil-Scan / imagemagick-lfi-poc
  ImageMagick LFI PoC [CVE-2022-44268]
  ☆53Updated 2 years ago
• hansmach1ne / LFImap
  Local File Inclusion discovery and exploitation tool
  ☆329Updated 11 months ago
• mohinparamasivam / Sudo-1.8.31-Root-Exploit
  Root shell PoC for CVE-2021-3156
  ☆71Updated 4 years ago
• s-3ntinel / imgjs_polygloter
  ☆24Updated 4 years ago
• g1vi / CVE-2023-2640-CVE-2023-32629
  GameOver(lay) Ubuntu Privilege Escalation
  ☆131Updated 2 years ago
• Anof-cyber / PyCript
  Burp Suite extension to decrypt/encrypt any encrypted traffic (AES/RSA/Encodings and more) with custom code in any language
  ☆217Updated 2 weeks ago
• UncleJ4ck / CVE-2021-41091
  POC for CVE-2021-41091
  ☆65Updated 2 years ago
• d3mondev / burp-vps-proxy
  This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
  ☆245Updated 9 months ago
• dhmosfunk / CVE-2023-25690-POC
  CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …
  ☆282Updated last year