Alternatives and similar repositories for pentesting

Users that are interested in pentesting are comparing it to the libraries listed below

• Keramas / DS_Walk
  Python tool for enumerating directories and files on web servers that contain a publicly readable .ds_store file.
  ☆62Updated 3 years ago
• expl0itabl3 / Toolies
  Ad hoc collection of Red Teaming & Active Directory tooling.
  ☆210Updated 2 years ago
• jakabakos / CVE-2023-36664-Ghostscript-command-injection
  Ghostscript command injection vulnerability PoC (CVE-2023-36664)
  ☆128Updated last year
• joeammond / CVE-2021-4034
  Python exploit code for CVE-2021-4034 (pwnkit)
  ☆169Updated 3 years ago
• VikasVarshney / ssti-payload
  SSTI Payload Generator
  ☆91Updated 2 years ago
• positive-security / dompdf-rce
  RCE exploit for dompdf
  ☆179Updated 3 years ago
• borjmz / aspx-reverse-shell
  Aspx reverse shell
  ☆112Updated 5 years ago
• nth347 / CVE-2021-3129_exploit
  Exploit for CVE-2021-3129
  ☆66Updated 4 years ago
• Almorabea / Polkit-exploit
  Privilege escalation with polkit - CVE-2021-3560
  ☆122Updated 4 years ago
• jephk9 / oscp-jewels
  Gitbook: OSCP-Jewels
  ☆12Updated 3 years ago
• attackdebris / kerberos_enum_userlists
  Collection of username lists for enumerating kerberos domain users
  ☆95Updated 7 years ago
• epi052 / cve-2018-15473
  Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
  ☆108Updated last year
• Syzik / DockerRegistryGrabber
  Enumerate / Dump Docker Registry
  ☆179Updated last year
• jakabakos / Apache-OFBiz-Authentication-Bypass
  This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.
  ☆74Updated last year
• rayhan0x01 / nodejs-websocket-sqli
  A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection
  ☆71Updated 4 years ago
• SaumyajeetDas / CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
  Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)
  ☆118Updated last year
• yaap7 / ldapsearch-ad
  Python3 script to quickly get various information from a domain controller through his LDAP service.
  ☆250Updated 7 months ago
• evkl1d / CVE-2023-46604
  ☆35Updated last year
• cytopia / smtp-user-enum
  SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
  ☆144Updated last year
• Acceis / exploit-CVE-2023-23752
  Joomla! < 4.2.8 - Unauthenticated information disclosure
  ☆87Updated last year
• hansmach1ne / LFImap
  Local File Inclusion discovery and exploitation tool
  ☆319Updated 7 months ago
• mubix / IOXIDResolver
  IOXIDResolver.py from AirBus Security
  ☆255Updated last year
• kraken-ng / Kraken
  Kraken, a modular multi-language webshell coded by @secu_x11
  ☆548Updated last year
• h3x0v3rl0rd / MS17-010_CVE-2017-0143
  MS17-010_CVE-2017-0143
  ☆37Updated 2 months ago
• cve-sandbox / jquery-ui
  CVE Collection of jQuery UI XSS Payloads
  ☆119Updated 2 years ago
• mohinparamasivam / Sudo-1.8.31-Root-Exploit
  Root shell PoC for CVE-2021-3156
  ☆69Updated 4 years ago
• caday00 / mimikatz2.1.1
  Old version of mimikatz for OSCP labs
  ☆17Updated 5 years ago
• teambi0s / dfunc-bypasser
  This tool is for letting you know how strong your disable_functions is and how you can bypass that.
  ☆132Updated 5 years ago
• dashagriiva / OSCP-Prep-1
  A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
  ☆44Updated 6 years ago
• convisolabs / CVE-2021-22204-exiftool
  Python exploit for the CVE-2021-22204 vulnerability in Exiftool
  ☆94Updated 4 years ago