Alternatives and similar repositories for CTF:

Users that are interested in CTF are comparing it to the libraries listed below

• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆27Updated 6 years ago
• rojan-rijal / ReconUI
  Alpha version code of Recon UI
  ☆14Updated 6 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆31Updated 7 years ago
• securityidiots / vhost_buster
  A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.
  ☆18Updated 6 years ago
• random-robbie / s3-tko
  AWS S3 Bucket Finder.
  ☆15Updated 5 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆23Updated 5 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 6 years ago
• Damian89 / extended-baserequest-importer
  Scan and import relevant requests directly to burp!
  ☆9Updated 5 years ago
• TROUBLE-1 / shoping_site
  dummy shopping site for whitebox pentestig
  ☆9Updated 2 years ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆36Updated last year
• cybercdh / vpaths
  Take a list of URIs and print all the of the paths
  ☆10Updated 4 years ago
• gwen001 / BBstats
  Bug Bounty statistics tool.
  ☆31Updated 2 years ago
• MrTaherAmine / pentest-management
  Simple webinterface combining different recon tools.
  ☆12Updated 6 years ago
• hakluke / haksecuritytxt
  Takes a list of domains as the input, checks if they have a security.txt, outputs the results.
  ☆14Updated 4 years ago
• tehryanx / memento.py
  Find endpoints in archived versions of robots.txt
  ☆13Updated 5 years ago
• wdahlenburg / LogicalFuzzingEngine
  A Burpsuite extension written in Python to perform basic validation fuzzing
  ☆10Updated 2 years ago
• cosmoscrew / gomassdns
  A better dns bruteforcer written in golang
  ☆13Updated 6 years ago
• airman604 / cms2cmd
  ☆10Updated 6 years ago
• Rozendantz / subforce
  A commandline forced browsing tool for subdomain lists
  ☆9Updated 4 years ago
• lkorba / enumsh
  ☆10Updated 5 years ago
• Leoid / AWSBurpCollaborator
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆57Updated 5 years ago
• laconicwolf / cors-scanner
  A multi-threaded scanner that helps identify CORS flaws/misconfigurations
  ☆19Updated 5 years ago
• plenumlab / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆39Updated 5 years ago
• ivision-research / burp-highlighter
  ☆22Updated 2 years ago
• ettic-team / EndpointFinder-Burp
  ☆31Updated 5 years ago
• CaptainFreak / diffJs
  Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.
  ☆28Updated 3 years ago
• PortSwigger / detect-dynamic-js
  The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…
  ☆13Updated 6 years ago
• spenkk / rapiddns-extractor
  Extract subdomains from rapiddns.io
  ☆23Updated 2 years ago
• Droidzzzio / Learning-Hub
  ☆19Updated 4 years ago
• random-robbie / metadata-one-liners
  retrive metadata endpoint data with these one liners.
  ☆37Updated 4 years ago