Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
☆64Apr 1, 2021Updated 5 years ago
Alternatives and similar repositories for pentest-hacktricks
Users that are interested in pentest-hacktricks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple password cracker written in Go, designed to search for a specific hashed password in a wordlist.☆13Feb 23, 2024Updated 2 years ago
- Command-line tool to identify useragents that bypasses proxy restrictions☆13Oct 23, 2025Updated 7 months ago
- ☆24Feb 15, 2026Updated 3 months ago
- Some nuclei templates for pentest CMS Bitrix☆42Nov 13, 2025Updated 6 months ago
- ☆63Sep 28, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆17Jun 25, 2025Updated 10 months ago
- SpecOps is a Burp Suite extension that ingests an OpenAPI or Swagger spec and instantly builds a workbench to test every documented endpo…☆32Mar 27, 2026Updated last month
- A collection of Awesome Frida Scripts for MAPT☆20Jan 7, 2023Updated 3 years ago
- ☆14Aug 28, 2023Updated 2 years ago
- ☆10Mar 11, 2024Updated 2 years ago
- Joomla login bruteforce☆120Jul 18, 2024Updated last year
- Jinja2 Template - AdminT Dashboard (Free Version) | AppSeed☆11May 17, 2021Updated 5 years ago
- An implementation of the DNS rebinding attack.☆16Apr 14, 2017Updated 9 years ago
- ☆40Jul 28, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- 检测邮件发送的可行性,可用来红队作战中对目标邮箱账户测试。The feasibility sent by the detection mail can be used for the target mailbox account test in the Red Team b…☆10May 8, 2023Updated 3 years ago
- Real-Time JavaScript reverse engineering and debugging suite - Burp Suite, but for JavaScript☆17Jul 23, 2025Updated 10 months ago
- ☆12Jul 4, 2024Updated last year
- BOF POC of the DSCourier project / invoking WinGet via COM☆85Apr 23, 2026Updated last month
- Universal exploitation tool for CVE-2025-33073 targeting Windows Domain Controllers with DNSAdmins privileges and WinRM enabled.☆68Nov 14, 2025Updated 6 months ago
- CLI tool for discovering related base domains using WhoisXMLAPI's reverse Whois endpoints☆12Jun 15, 2024Updated last year
- Collection of steganography tools for images and text☆45Nov 15, 2023Updated 2 years ago
- Pentesting Apache Tomcat 101☆14Apr 4, 2023Updated 3 years ago
- A curated list of awesome ATM hacking resources.☆24Dec 4, 2025Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A Fast and Simple Grand Chase 3D Asset Converter (P3M/FRM Importer and Exporter)☆10Mar 14, 2026Updated 2 months ago
- VulnReach builds on standard SCA output by adding reachability context - proving through static analysis, taint tracking, and live runtim…☆20Updated this week
- ☆11Nov 22, 2021Updated 4 years ago
- A series of python scripts to extract information from Dark Web Applications☆14Mar 26, 2025Updated last year
- A simple bash script for Web Cache Deception exploitation.☆16Oct 7, 2024Updated last year
- A standalone collection of widely used technologies with default credentials enabled, which can be utilized for establishing an initial f…☆20Jun 1, 2024Updated last year
- ☆44Sep 25, 2025Updated 8 months ago
- My Kali Baseline Installer☆26Apr 2, 2020Updated 6 years ago
- ☆18Feb 15, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- This tool automates and facilitates an AES CBC BitFlip attack☆21Jan 17, 2024Updated 2 years ago
- Pen Hunter is a comprehensive vulnerability scanning tool designed for penetration testers, security researchers and bug bounties. it aut…☆27May 4, 2026Updated 2 weeks ago
- ☆11May 1, 2026Updated 3 weeks ago
- ☆15Jun 5, 2024Updated last year
- A leaked version of Elementars.com☆16May 26, 2020Updated 5 years ago
- Collection of Cyber Threat Intelligence sources from the deep and dark web☆16Sep 10, 2025Updated 8 months ago
- ☆39Jul 1, 2025Updated 10 months ago