Alternatives and similar repositories for CTF

Users that are interested in CTF are comparing it to the libraries listed below

• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Updated 6 years ago
• rojan-rijal / ReconUI
  Alpha version code of Recon UI
  ☆14Updated 7 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆31Updated 7 years ago
• securityidiots / vhost_buster
  A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.
  ☆19Updated 6 years ago
• random-robbie / s3-tko
  AWS S3 Bucket Finder.
  ☆15Updated 5 years ago
• tehryanx / ssslide
  View screenshots as a slideshow over http
  ☆15Updated 5 years ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆36Updated 2 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆22Updated 5 years ago
• hakluke / haksecuritytxt
  Takes a list of domains as the input, checks if they have a security.txt, outputs the results.
  ☆14Updated 5 years ago
• plenumlab / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆39Updated 5 years ago
• TROUBLE-1 / shoping_site
  dummy shopping site for whitebox pentestig
  ☆9Updated 2 years ago
• Damian89 / extended-baserequest-importer
  Scan and import relevant requests directly to burp!
  ☆9Updated 5 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 6 years ago
• TROUBLE-1 / Hacking-Sunday
  ☆1Updated 4 years ago
• rojan-rijal / Pyrate
  Practice Web App written in python with some vulnerabilities.
  ☆34Updated 4 years ago
• 0x3c3e / recloud
  Find orphaned IP's on cloud services
  ☆29Updated 5 years ago
• ettic-team / EndpointFinder-Burp
  ☆32Updated 5 years ago
• w9w / Open_Redirects_list
  -
  ☆11Updated 4 years ago
• xYantix / Notes
  ☆14Updated 5 years ago
• BBerastegui / bucket-decloaker
  A simple tool to decloak/expose the bucket name behind a domain.
  ☆22Updated 5 years ago
• cqsd / daily-commonspeak2
  commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …
  ☆41Updated 3 years ago
• random-robbie / metadata-one-liners
  retrive metadata endpoint data with these one liners.
  ☆38Updated 4 years ago
• almroot / dnsresolvers
  A bash script that fetches and maintains thousands of DNS resolvers
  ☆65Updated 4 years ago
• Droidzzzio / Learning-Hub
  ☆19Updated 4 years ago
• Abss0x7tbh / massNS
  A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…
  ☆25Updated 5 years ago
• riyazwalikar / injection-attacks-nosql-talk
  Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019
  ☆22Updated 6 years ago
• ndavison / circleci-logs
  CircleCI log and security configuration automations
  ☆22Updated 4 years ago
• irsdl / BurpTabEssentials
  This changes the style of Burp Suite's Repeater tabs to help the testers
  ☆29Updated 5 years ago
• dsopas / XSS-oneliner-payload
  Compilation of JavaScript XSS oneliners payloads that rocks your nuts!
  ☆25Updated 7 years ago
• TROUBLE-1 / Type-juggling
  Lab that will help you to understand how type juggling vulnerability works.
  ☆22Updated 4 years ago