Alternatives and similar repositories for SecLists

Users that are interested in SecLists are comparing it to the libraries listed below

• GrrrDog / ACEDcup
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆38Updated 9 years ago
• nccgroup / dotnetpaddingoracle
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆30Updated 9 years ago
• floyd-fuh / burp-HttpFuzzer
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Updated 8 years ago
• iriusrisk / resty-burp
  REST/JSON interface to Burp Suite
  ☆33Updated 4 years ago
• Virvales / BurpEnforcer
  ☆10Updated 9 years ago
• v-egoshin / WindowsUploadToolkit
  PHDAYS |||
  ☆17Updated 12 years ago
• OpenSecurityResearch / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆16Updated 11 years ago
• khai-tran / BurpJDSer
  ☆23Updated 10 years ago
• silentsignal / burp-collab-gw
  Simple socket-based gateway to the Burp Collaborator
  ☆33Updated 8 years ago
• Gifts / XXE-OOB-Exploitation-Toolset-for-Automation
  XXE OOB Exploitation Toolset for Automation
  ☆63Updated 11 years ago
• GDSSecurity / PaddingOracleDemos
  ☆23Updated 9 years ago
• debasishm89 / dotNetFuzz
  A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
  ☆42Updated 6 years ago
• silentsignal / ActiveScan3Plus
  Modified version of ActiveScan++ Burp Suite extension
  ☆31Updated 8 years ago
• Charliedean / PsexecSpray
  Spray SMB with hashes, Then psexec
  ☆32Updated 5 years ago
• irsdl / updated-SWFIntruder
  Updated version of SWFIntruder
  ☆26Updated 8 years ago
• neraliu / tainted-phantomjs
  Tainted PhantomJS
  ☆52Updated 9 years ago
• dionach / HeadersAnalyzer
  Burp extension that checks for interesting and security headers
  ☆43Updated 4 years ago
• hatRiot / rpcshell
  Axis2 RPC Shell
  ☆15Updated 9 years ago
• a7vinx / swarm
  A modular distributed penetration testing tool.
  ☆41Updated 8 years ago
• irsl / struts-any-results
  Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.
  ☆12Updated 6 years ago
• 0x90 / routerz
  Some exploits for ZeroNights 0x03
  ☆36Updated 9 years ago
• tomekr / BurpFlashCSRFBuilder
  Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients
  ☆14Updated 11 years ago
• augustd / burp-suite-token-fetcher
  Burp Extender to add unique form tokens to scanner requests.
  ☆14Updated 7 months ago
• Neo23x0 / webshell-intel
  Scan web server for known webshell names and responses
  ☆50Updated 8 years ago
• retbandit-zz / BlackHat2017
  BlackHat Europe 2017 Slides
  ☆26Updated 7 years ago
• savon-noir / nmap-webgui
  Basic gui to run and display nmap scan results. Just a POC so far.
  ☆31Updated 11 years ago
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆51Updated 9 years ago
• GrrrDog / ZeroNights-WebVillage-2017
  ☆70Updated 7 years ago
• ParsingTeam / ppsx-file-generator
  CVE-2017-8570 Exploit
  ☆21Updated 7 years ago
• infobyte / isr-sqlget
  ISR-sqlget It's a blind SQL injection tool developed in Perl.
  ☆14Updated 12 years ago