cyver-core / ultimate-pentest-tools-list
The following include a list of pentest tools available across the web. Many are free and even open source, others are premium tools and require a monthly or yearly subscription. We’ll note when pentest tools aren’t free.
☆24Updated last year
Alternatives and similar repositories for ultimate-pentest-tools-list
Users that are interested in ultimate-pentest-tools-list are comparing it to the libraries listed below
Sorting:
- A proper approach to pentest a Web application with the mixture of all useful payloads and complete testing guidance of attacks. Designed…☆64Updated 3 months ago
- Scripts, files, cheatsheets and more used for pentesting and my OSWE / AWAE exam.☆86Updated this week
- This repository contains a curated list of websites and repositories featuring pentest & red-team resources such as cheatsheets, write-up…☆62Updated this week
- Web Application Penetration Testing☆112Updated last week
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆121Updated 8 months ago
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆75Updated 8 months ago
- ☆78Updated 2 years ago
- This is CheatSheet which I used on PJPT exam to fully compromise Domain Controller by doing internal network penentration testing.☆72Updated last year
- Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utiliz…☆148Updated last year
- XSSRocket it is a tool designed for offensive security and XSS (Cross-Site Scripting) attacks.☆135Updated 7 months ago
- OSCP preperation and HackTheBox write ups.☆59Updated 2 years ago
- This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer whil…☆49Updated 3 weeks ago
- The repository contains useful GitHub dorks for finding open-source vulnerabilities.☆77Updated last year
- This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's nam…☆91Updated last week
- All Apprentice and Practitioner-level Portswigger labs☆18Updated last year
- Here are some cool and some unpublished Dorks☆74Updated 4 months ago
- Welcome to RFS notes to CRTP - Certified Red Team Professional by Altered Security.☆19Updated 8 months ago
- A command-line tool to query the DeHashed API. Easily search for various parameters like usernames, emails, hashed passwords, IP addresse…☆231Updated last week
- ☆119Updated last year
- All cheetsheets with main information from HTB CBBH role path in one place.☆74Updated last year
- notes and ramblings from my OSCP/PenTesting Studies☆86Updated last year
- ☆43Updated 3 years ago
- This repository contains some of the most exhaustive wordlists for enumeration, gathered from a lot of wordlists available on the Interne…☆100Updated 6 months ago
- ☆51Updated last year
- Organize, track, and share vulnerability findings effortlessly. This Burp Suite extension integrates with Obsidian, offering a proven not…☆29Updated last month
- SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. I…☆148Updated 5 months ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆118Updated last month
- Penetration testing tools cheat sheet, a quick reference high level overview for typical penetration testing engagements. Convenient comm…☆70Updated last week
- Scripts for offensive security☆116Updated 2 months ago
- I used the Templater community plugin in obsidian to automatically populate IP,username,password☆41Updated last year