Alternatives and similar repositories for vulns

Users that are interested in vulns are comparing it to the libraries listed below

• appsecco / using-docker-kubernetes-for-automating-appsec-and-osint-workflows

  View on GitHub
  Repository for all the workshop content delivered at nullcon X on 1st of March 2019
  ☆80Apr 4, 2019Updated 6 years ago
• jaegeral / awesome-cyber-civil-society-actors

  View on GitHub
  A curated lust of awesome cyber civil society actors, project etc.
  ☆10Jul 16, 2020Updated 5 years ago
• VoidSec / CVE-2019-5624

  View on GitHub
  A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)
  ☆13May 2, 2019Updated 6 years ago
• hook-s3c / CVE-2018-11776-Python-PoC

  View on GitHub
  Working Python test and PoC for CVE-2018-11776, includes Docker lab
  ☆125Aug 25, 2018Updated 7 years ago
• ThunderGunExpress / CustomStager

  View on GitHub
  ☆17Jul 26, 2018Updated 7 years ago
• JaewoongMoon / fuzzler

  View on GitHub
  burp extender for fuzzing
  ☆10Aug 10, 2018Updated 7 years ago
• cosmoscrew / gomassdns

  View on GitHub
  A better dns bruteforcer written in golang
  ☆13Nov 4, 2018Updated 7 years ago
• OmerYa / Named-Pipe-Sniffer

  View on GitHub
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Nov 15, 2016Updated 9 years ago
• RUB-NDS / SAML-XXE-Test

  View on GitHub
  Simple XXE test suite generated specifically for SAML interfaces
  ☆22May 18, 2018Updated 7 years ago
• TKCERT / mail-security-tester

  View on GitHub
  A testing framework for mail security and filtering solutions.
  ☆245Jul 24, 2023Updated 2 years ago
• hannob / snallygaster

  View on GitHub
  Tool to scan for secret files on HTTP servers
  ☆2,100Feb 4, 2026Updated last week
• OneLogicalMyth / zeroday-powershell

  View on GitHub
  A PowerShell example of the Windows zero day priv esc
  ☆328Sep 12, 2018Updated 7 years ago
• PaulSec / pepito

  View on GitHub
  Finds sensitive stuff in your git repository by specifying terms to look for
  ☆31Feb 16, 2018Updated 7 years ago
• darrenmartyn / vBulldozer

  View on GitHub
  Very loud vBulletin exploit
  ☆14Aug 12, 2020Updated 5 years ago
• csirt-tooling-org / csirt-tooling-best-practices

  View on GitHub
  CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
  ☆16Jun 20, 2022Updated 3 years ago
• fcavallarin / domdig

  View on GitHub
  DOM XSS scanner for Single Page Applications
  ☆417Nov 15, 2025Updated 2 months ago
• Phoul / yara_rules

  View on GitHub
  yara rules for cryptography detection
  ☆30Apr 28, 2014Updated 11 years ago
• eur0pa / goGetBucket

  View on GitHub
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Dec 12, 2018Updated 7 years ago
• joxeankoret / deeptoad

  View on GitHub
  DeepToad is a library and a tool to clusterize similar files using fuzzy hashing
  ☆20Apr 5, 2020Updated 5 years ago
• RUB-NDS / Metadata-Attacker

  View on GitHub
  A tool to generate media files with malicious metadata
  ☆129Feb 2, 2019Updated 7 years ago
• welchbj / bscan

  View on GitHub
  an asynchronous target enumeration tool
  ☆245Dec 8, 2022Updated 3 years ago
• s4n7h0 / Practical-Reverse-Engineering-using-Radare2

  View on GitHub
  Training Materials of Practical Reverse Engineering using Radare2
  ☆107Feb 18, 2017Updated 8 years ago
• tosebro / SqlPoC

  View on GitHub
  A burp extension to generate sqlmap PoC from target HTTP request.
  ☆27Jan 8, 2017Updated 9 years ago
• smgorelik / Windows-RCE-exploits

  View on GitHub
  The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samp…
  ☆747Dec 11, 2023Updated 2 years ago
• samhaxr / XXRF-Shots

  View on GitHub
  XXRF Shots - Useful for testing SSRF vulnerability
  ☆74Feb 18, 2023Updated 2 years ago
• random-robbie / Jira-Scan

  View on GitHub
  CVE-2017-9506 - SSRF
  ☆190Feb 14, 2022Updated 3 years ago
• adrianherrera / afl-mutation-graph

  View on GitHub
  Recover mutation graph from an AFL seed
  ☆60Jan 6, 2021Updated 5 years ago
• ztgrace / pwn_lab

  View on GitHub
  ☆90Sep 18, 2017Updated 8 years ago
• 0xdeadbeefJERKY / presentations

  View on GitHub
  ☆18Jun 21, 2019Updated 6 years ago
• ropnop / serverless_toolkit

  View on GitHub
  A collection of useful Serverless functions I use when pentesting
  ☆391Dec 9, 2022Updated 3 years ago
• simonuvarov / expdev

  View on GitHub
  Vulnerable software and exploits used for OSCP/OSCE preparation
  ☆25Jul 7, 2017Updated 8 years ago
• si9int / cc.py

  View on GitHub
  Extracting URLs of a specific target based on the results of "commoncrawl.org"
  ☆275Dec 4, 2025Updated 2 months ago
• devoteam-cybertrust / droidstatx

  View on GitHub
  Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via sta…
  ☆125Dec 9, 2018Updated 7 years ago
• codingo / VHostScan

  View on GitHub
  A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…
  ☆1,283Aug 18, 2025Updated 5 months ago
• nccgroup / BurpSuiteHTTPSmuggler

  View on GitHub
  A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  ☆735May 4, 2019Updated 6 years ago
• xorrior / RemoteRecon

  View on GitHub
  Remote Recon and Collection
  ☆459Nov 23, 2017Updated 8 years ago
• quickbreach / SMBetray

  View on GitHub
  SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…
  ☆383Aug 17, 2018Updated 7 years ago
• achillean / redis-keys

  View on GitHub
  Using Shodan to get a breakdown of the most common key names in public Redis servers.
  ☆13Dec 10, 2017Updated 8 years ago
• adulau / pdns-qof-server

  View on GitHub
  Passive DNS server interface compliant to "Common Output Format"
  ☆10Sep 19, 2016Updated 9 years ago