cyver-core / ultimate-pentest-tools-list
The following include a list of pentest tools available across the web. Many are free and even open source, others are premium tools and require a monthly or yearly subscription. We’ll note when pentest tools aren’t free.
☆19Updated last year
Alternatives and similar repositories for ultimate-pentest-tools-list:
Users that are interested in ultimate-pentest-tools-list are comparing it to the libraries listed below
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆75Updated 7 months ago
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆121Updated 7 months ago
- SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. I…☆146Updated 4 months ago
- ☆118Updated last year
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆111Updated 3 months ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆71Updated 2 months ago
- Here are some cool and some unpublished Dorks☆70Updated 2 months ago
- Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utiliz…☆146Updated 10 months ago
- XSSRocket it is a tool designed for offensive security and XSS (Cross-Site Scripting) attacks.☆132Updated 5 months ago
- A list of dorks for the Netlas.io search engine, with which you can find millions of objects in the boundless IoE. Contains queries to se…☆189Updated 4 months ago
- Parse FFUF results in GUI with option to sort based by response code , size , keyword☆95Updated 7 months ago
- I-Espresso is a tool that enables users to generate Portable Executable (PE) files from batch scripts. Leveraging IExpress, it demonstrat…☆75Updated 5 months ago
- Nuclei (https://github.com/projectdiscovery/nuclei) templates for extracting juicy info from web pages☆176Updated last year
- Xploitra is a powerful reverse shell payload generator for educational and security testing. It offers customizable payloads with advance…☆61Updated 5 months ago
- ☆56Updated 7 months ago
- Describe how to use ffuf different options with examples☆86Updated 2 years ago
- A collection of config files for linux focusing on hackthebox theme☆43Updated 3 months ago
- 🪄 XSSDynaGen is a tool designed to analyze URLs with parameters, identify the characters allowed by the server, and generate advanced XS…☆51Updated 3 months ago
- Probuster : A Python based Web Application Penetration testing tool for Information Gathering⚡.☆58Updated 4 months ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆92Updated this week
- ☆159Updated 5 months ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data☆55Updated last year
- All About Web Recon & OSINT☆120Updated last month
- ☆147Updated 9 months ago
- GoogleDorker - Unleash the power of Google dorking for ethical hackers with custom search precision.☆172Updated 3 months ago
- "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persist…☆92Updated 8 months ago
- CVE-2024-32640 | Automated SQLi Exploitation PoC☆63Updated 10 months ago
- This script Crawl the website and find the urls that contains html forms.☆71Updated 9 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆89Updated 8 months ago
- Mining URLs from Wayback Machine for bug hunting/fuzzing/further probing☆55Updated last year