Alternatives and similar repositories for HackTheBox

Users that are interested in HackTheBox are comparing it to the libraries listed below

• 0xRTH / IISRecon
  IIS shortname scanner + bruteforce
  ☆52Updated last year
• tamimhasan404 / Gau-Expose
  It grep subdomains, email/username, build custom wordlist etc from gau results
  ☆48Updated 2 years ago
• akincibor / 403-bypass
  Enhanced 403 bypass header
  ☆21Updated 2 years ago
• abdallaabdalrhman / Wordlist-for-Bug-Bounty
  I collected it to help the bug hunter get a reward
  ☆58Updated 2 years ago
• ethicalhackingplayground / dnsresolver
  A Lightning-Fast DNS Resolver written in Rust 🦀
  ☆67Updated 6 months ago
• samirettali / bounty-notes
  My bug bounty notes
  ☆32Updated 4 years ago
• s0md3v / wl
  convert case style of words
  ☆40Updated last year
• Ravaan21 / Chandrahasa
  A solid recon tool I use personally.
  ☆30Updated 2 years ago
• r00tkie / grep-pattern
  collection of various grep patterns collected from tomnomnom/gf and other places
  ☆22Updated 4 years ago
• six2dez / resolvers_reconftw
  Resolvers updated daily for reconftw
  ☆47Updated 2 years ago
• OWASP / www-project-top-25-parameters
  OWASP Foundation Web Respository
  ☆25Updated 11 months ago
• RodricBr / OffSec-MISC
  Offensive Security MISC Annotations and Payloads for Ethical Hackers / Security Researchers
  ☆26Updated 5 months ago
• aniqfakhrul / lazyParam
  A simple automation tool to detect lfi, rce and ssti vulnerability
  ☆55Updated 3 years ago
• D1rk9ghT / Recon
  Bug Bounty Recon Tools
  ☆27Updated last year
• faiyazahmad07 / SSTI_DETECTOR
  This tool allows you to find ssti vulnerability with ease!
  ☆20Updated 2 years ago
• PwnAwan / Bug-Bounty-RoadMap
  Bug Bounty Methodology-slides by Muhammad M. Awali. Pentesting and Researcher Talks.
  ☆20Updated 2 years ago
• encodedguy / bugbounty-cheatsheet
  ☆34Updated 2 years ago
• devpwn / xmlrpc-scan
  golang tool to scan domains or single domains with know security issues against xmlrpc
  ☆62Updated last year
• PatrikFehrenbach / burpsuite-js-extractor
  A simple plugin to export JS files from one or multiple targets
  ☆42Updated last year
• ElSicarius / Supp-truder
  Supertruder but better
  ☆32Updated 2 years ago
• The-XSS-Rat / BugHuntingNotes
  ☆27Updated 5 years ago
• c0brabaghdad1 / DVPA
  Damn Vulnerable PHP Application (DVPA) - It is Lab Written in The PHP lang, Which Contains PHP Type Juggling - RCE Challenges
  ☆32Updated 3 years ago
• akshaysharma016 / aem-detector
  ☆21Updated 2 years ago
• ahmad0x1 / ARWAD
  Advanced Reconnaissance and Web Application Discovery
  ☆81Updated 3 years ago
• Naategh / dom-red
  Small script to check a list of domains against open redirect vulnerability
  ☆28Updated 3 years ago
• PatrikFehrenbach / vilicus
  vīlicus is a bug bounty api dashboard
  ☆41Updated last year
• Dheerajmadhukar / subzzZ
  SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.
  ☆38Updated 4 years ago
• adamjsturge / easy-xsshunter-express
  The fastest way to setup XSSHunter. It has options for the official and Discord/Slack Forks
  ☆42Updated last year
• ghsec / BurpBountyProfile
  BurpSiute - BurpBounty Profiles
  ☆19Updated 2 years ago
• XalfiE / Bug-Bounty-Oneliners
  Oneliners curated from my experience and from the internet
  ☆22Updated 4 years ago