Alternatives and similar repositories for PayloadsAllTheThings

Users that are interested in PayloadsAllTheThings are comparing it to the libraries listed below

• mzfr / gtfo

  View on GitHub
  Search gtfobins and lolbas files from your terminal
  ☆462Jul 13, 2022Updated 3 years ago
• ret2jazzy / Struts-Apache-ExploitPack

  View on GitHub
  These are just some script which you can use to detect and exploit the Apache Struts Vulnerability (CVE-2017-5638)
  ☆16Mar 12, 2017Updated 8 years ago
• fnk0c / dot2moon

  View on GitHub
  Tool that checks for path traversal traces in a given web application url, plus it is capable of multi-threading, set timeout and 5-layer…
  ☆46Jul 13, 2018Updated 7 years ago
• rebootuser / LinEnum

  View on GitHub
  Scripted Local Linux Enumeration & Privilege Escalation Checks
  ☆7,822Sep 6, 2023Updated 2 years ago
• epinna / tplmap

  View on GitHub
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆4,117Apr 21, 2024Updated last year
• d35ha / xKeLogger

  View on GitHub
  Kernel mode windows NT API logger
  ☆22Sep 9, 2019Updated 6 years ago
• diego-treitos / linux-smart-enumeration

  View on GitHub
  Linux enumeration tool for pentesting and CTFs with verbosity levels
  ☆3,840Dec 25, 2023Updated 2 years ago
• jbarone / xxelab

  View on GitHub
  A simple web app with a XXE vulnerability.
  ☆230Nov 10, 2021Updated 4 years ago
• samratashok / nishang

  View on GitHub
  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
  ☆9,740Apr 25, 2024Updated last year
• Swafox / Django-example

  View on GitHub
  Basic Website template Django 2.2 Example + Python3
  ☆54Feb 9, 2022Updated 4 years ago
• swisskyrepo / PayloadsAllTheThings

  View on GitHub
  A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  ☆75,135Feb 2, 2026Updated 2 weeks ago
• sagishahar / lpeworkshop

  View on GitHub
  Windows / Linux Local Privilege Escalation Workshop
  ☆2,045Oct 9, 2022Updated 3 years ago
• chrispetrou / FDsploit

  View on GitHub
  File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
  ☆272Mar 24, 2021Updated 4 years ago
• DominicBreuker / pspy

  View on GitHub
  Monitor linux processes without root permissions
  ☆5,871Jan 17, 2023Updated 3 years ago
• pentestmonkey / php-reverse-shell

  View on GitHub
  ☆2,706Aug 7, 2024Updated last year
• AutoRecon / AutoRecon

  View on GitHub
  AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
  ☆5,898Jan 28, 2026Updated 2 weeks ago
• 0xInfection / XSRFProbe

  View on GitHub
  The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
  ☆1,277Updated this week
• vpnguy-zz / HandyHeaderHacker

  View on GitHub
  Examine HTTP response headers for common security issues
  ☆38Jun 7, 2022Updated 3 years ago
• lmammino / jwt-cracker

  View on GitHub
  Simple HS256, HS384 & HS512 JWT token brute force cracker.
  ☆1,163Jul 13, 2024Updated last year
• fortra / impacket

  View on GitHub
  Impacket is a collection of Python classes for working with network protocols.
  ☆15,448Updated this week
• 411Hall / JAWS

  View on GitHub
  JAWS - Just Another Windows (Enum) Script
  ☆1,915Apr 19, 2021Updated 4 years ago
• ferreirasc / OSCP_study_guide

  View on GitHub
  Notes of my OSCP study plan
  ☆466Jun 29, 2022Updated 3 years ago
• ropnop / kerbrute

  View on GitHub
  A tool to perform Kerberos pre-auth bruteforcing
  ☆3,246Aug 20, 2024Updated last year
• netbiosX / Checklists

  View on GitHub
  Red Teaming & Pentesting checklists for various engagements
  ☆2,637Jul 27, 2025Updated 6 months ago
• strozfriedberg / Windows-Exploit-Suggester

  View on GitHub
  This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…
  ☆4,169May 11, 2023Updated 2 years ago
• KendoClaw1 / Open-Redirection-Scanner

  View on GitHub
  a python tool used to scan for Open redirection vulnerability
  ☆20Dec 29, 2017Updated 8 years ago
• The-XSS-Rat / uncles-labs

  View on GitHub
  hackxpert labs
  ☆18Jun 29, 2022Updated 3 years ago
• UserExistsError / webshooter

  View on GitHub
  Inspired by gowitness and EyeWitness
  ☆15Mar 11, 2025Updated 11 months ago
• EdOverflow / bugbounty-cheatsheet

  View on GitHub
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆6,376Sep 14, 2023Updated 2 years ago
• DiogoMRSilva / websitesVulnerableToSSTI

  View on GitHub
  Simple websites vulnerable to Server Side Template Injections(SSTI)
  ☆416Mar 16, 2023Updated 2 years ago
• Tib3rius / Pentest-Cheatsheets

  View on GitHub
  ☆1,151Apr 21, 2021Updated 4 years ago
• BC-SECURITY / Empire

  View on GitHub
  Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
  ☆5,034Feb 8, 2026Updated last week
• peass-ng / PEASS-ng

  View on GitHub
  PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
  ☆19,268Feb 4, 2026Updated last week
• vp777 / metahttp

  View on GitHub
  A bash script that automates the scanning of a target network for HTTP resources through XXE
  ☆37Dec 2, 2020Updated 5 years ago
• calebstewart / pwncat

  View on GitHub
  Fancy reverse and bind shell handler
  ☆2,870Aug 9, 2024Updated last year
• andrew-d / static-binaries

  View on GitHub
  Various *nix tools built as statically-linked binaries
  ☆3,606Aug 21, 2023Updated 2 years ago
• noraj / OSCP-Exam-Report-Template-Markdown

  View on GitHub
  Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
  ☆4,035Jul 30, 2025Updated 6 months ago
• Sambal0x / Recon-tools

  View on GitHub
  Some of my bug bounty tools
  ☆52Oct 23, 2019Updated 6 years ago
• The-Z-Labs / linux-exploit-suggester

  View on GitHub
  Linux privilege escalation auditing tool
  ☆6,389Updated this week