Alternatives and similar repositories for DVWA:

Users that are interested in DVWA are comparing it to the libraries listed below

• MUAZMHAFIDZ / React-Chat-App
  ☆10Updated 9 months ago
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,265Updated last year
• OJ / gobuster
  Directory/File, DNS and VHost busting tool written in Go
  ☆10,247Updated 3 weeks ago
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆4,629Updated this week
• xmendez / wfuzz
  Web application fuzzer
  ☆5,975Updated 3 months ago
• urbanadventurer / WhatWeb
  Next generation web scanner
  ☆5,579Updated 4 months ago
• epinna / tplmap
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆3,804Updated 7 months ago
• fortra / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆13,600Updated this week
• byt3bl33d3r / CrackMapExec
  A swiss army knife for pentesting networks
  ☆8,476Updated 11 months ago
• epinna / weevely3
  Weaponized web shell
  ☆3,208Updated last month
• rebootuser / LinEnum
  Scripted Local Linux Enumeration & Privilege Escalation Checks
  ☆7,064Updated last year
• The-Z-Labs / linux-exploit-suggester
  Linux privilege escalation auditing tool
  ☆5,685Updated 9 months ago
• foospidy / payloads
  Git All the Payloads! A collection of web attack payloads.
  ☆3,633Updated last year
• 1N3 / IntruderPayloads
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,691Updated 3 years ago
• andresriancho / w3af
  w3af: web application attack and audit framework, the open source web vulnerability scanner.
  ☆4,590Updated last year
• aboul3la / Sublist3r
  Fast subdomains enumeration tool for penetration testers
  ☆9,905Updated 4 months ago
• EnableSecurity / wafw00f
  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
  ☆5,320Updated this week
• RedSiege / EyeWitness
  EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  ☆5,013Updated last month
• BloodHoundAD / BloodHound
  Six Degrees of Domain Admin
  ☆9,934Updated 5 months ago
• nixawk / pentest-wiki
  PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with othe…
  ☆3,482Updated last year
• ffuf / ffuf
  Fast web fuzzer written in Go
  ☆12,792Updated 5 months ago
• GTFOBins / GTFOBins.github.io
  GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
  ☆10,957Updated last month
• payloadbox / xss-payload-list
  🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
  ☆6,436Updated 4 months ago
• owasp-amass / amass
  In-depth attack surface mapping and asset discovery
  ☆12,149Updated this week
• zardus / ctf-tools
  Some setup scripts for security research tools.
  ☆8,557Updated last year
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆5,476Updated 4 months ago
• mandiant / commando-vm
  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…
  ☆6,988Updated 2 months ago
• codingo / NoSQLMap
  Automated NoSQL database enumeration and web application exploitation tool.
  ☆2,937Updated 4 months ago
• LOLBAS-Project / LOLBAS
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆7,135Updated 3 weeks ago
• payloadbox / command-injection-payload-list
  🎯 Command Injection Payload List
  ☆3,023Updated 4 months ago