Alternatives and similar repositories for OWASP-Web-App-Pentesting-checklists:

Users that are interested in OWASP-Web-App-Pentesting-checklists are comparing it to the libraries listed below

• In3tinct / Taken
  Takeover AWS ips and have a working POC for Subdomain Takeover.
  ☆89Updated 9 months ago
• yesnet0 / bounty
  Misc bounty and vulndisc things
  ☆83Updated 4 years ago
• iamthefrogy / bucketbunny
  AWS S3 open bucket poc automated script.
  ☆55Updated 3 years ago
• th3hack3rwiz / Lazy-FuzzZ
  Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …
  ☆51Updated 3 years ago
• Rhynorater / reports
  ☆59Updated 6 months ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆130Updated 3 years ago
• ptswarm / ptswarm-twitter
  ☆76Updated 4 years ago
• BugBountyResources / targets
  A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…
  ☆97Updated 3 years ago
• codingo / microsubs
  A collection of code for interacting with API sources directly to improve your understanding of those services.
  ☆66Updated 4 years ago
• 1ndianl33t / 1ndiList
  Recon Custom WordList Ganerator
  ☆56Updated 4 years ago
• war-and-code / akamai-arl-hack
  Script to test open Akamai ARL vulnerability.
  ☆70Updated 3 years ago
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆85Updated 3 months ago
• dariusztytko / vhosts-sieve
  Searching for virtual hosts among non-resolvable domains
  ☆87Updated 4 years ago
• ozguralp / synackapi
  ☆61Updated 5 months ago
• orlyjamie / asnrecon
  ASN reconnaissance script
  ☆124Updated 11 months ago
• Healdb / Elevate
  Horizontal Domain Discovery
  ☆75Updated last year
• kleiton0x00 / CORS-one-liner
  A one liner Bash command which finds CORS in every possible endpoint.
  ☆117Updated 4 years ago
• lc / jenkinz
  jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.
  ☆66Updated 5 years ago
• Sambal0x / Recon-tools
  Some of my bug bounty tools
  ☆48Updated 5 years ago
• fellchase / flumberboozle
  Suite of programs meant to aid in bug hunting and security assessments
  ☆77Updated 5 years ago
• gwen001 / dnspy
  Find subdomains and takeovers.
  ☆84Updated 2 years ago
• ethicalhackingplayground / wordlistgen
  Generates target specific word lists for Fuzzing with fuff
  ☆107Updated 4 years ago
• KathanP19 / portscan.sh
  All in one port scanning script.
  ☆68Updated 4 years ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆151Updated 2 years ago
• kleiton0x00 / CRLF-one-liner
  A simple Bash one liner with aim to automate CRLF vulnerability scanning.
  ☆68Updated 4 years ago
• Dheerajmadhukar / karma_v1
  KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…
  ☆58Updated 3 years ago
• rotemreiss / uddup
  Urls de-duplication tool for better recon.
  ☆137Updated 6 months ago
• AdmiralGaust / bountyRecon
  Bash script to automate Bug Bounty Reconnaissance
  ☆37Updated 4 years ago