Alternatives and similar repositories for Pentest-Tools

Users that are interested in Pentest-Tools are comparing it to the libraries listed below

• lightfaith / locasploit

  View on GitHub
  Local enumeration and exploitation framework.
  ☆18Aug 16, 2017Updated 8 years ago
• rajeshmajumdar / webdigger

  View on GitHub
  WebDigger is a python based tool, specially created to get a company's unknown domain for pentestor.
  ☆17Aug 6, 2016Updated 9 years ago
• Graph-X / davscan

  View on GitHub
  Fingerprints servers, finds exploits, scans WebDAV. May or may not also make coffee.
  ☆123Jul 9, 2019Updated 6 years ago
• silentsignal / wpc

  View on GitHub
  Windows Privesc Check
  ☆20May 20, 2014Updated 11 years ago
• koutto / java-binary-deserializer

  View on GitHub
  Java Binary data Deserializer/Serializer - Convert serialized Java Objects into readable XML
  ☆13Feb 25, 2019Updated 6 years ago
• phar / eyephish

  View on GitHub
  OpenCV based IDN option generator PoC
  ☆39Jan 18, 2017Updated 9 years ago
• tevora-threat / SecSmash

  View on GitHub
  ☆17Sep 14, 2017Updated 8 years ago
• ivanvza / sshscan

  View on GitHub
  Python script to scan for weak CBC ciphers, weak MAC algorithms and support auth methods.
  ☆17Apr 13, 2016Updated 9 years ago
• Danladi / HttpPwnly

  View on GitHub
  "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…
  ☆138Dec 22, 2017Updated 8 years ago
• johnventura / The-Salad-Project

  View on GitHub
  ☆16Jul 19, 2017Updated 8 years ago
• whitehat-zero / PowEnum

  View on GitHub
  Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.
  ☆70Jul 26, 2018Updated 7 years ago
• milo2012 / nmap2nessus

  View on GitHub
  ☆46Sep 28, 2017Updated 8 years ago
• pinnace / burp-jwt-fuzzhelper-extension

  View on GitHub
  JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.
  ☆100Jul 29, 2019Updated 6 years ago
• DanMcInerney / SMB-reverse-brute

  View on GitHub
  Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords
  ☆51Oct 24, 2017Updated 8 years ago
• dsopas / rfd-checker

  View on GitHub
  RFD Checker - security CLI tool to test Reflected File Download issues
  ☆64Feb 26, 2019Updated 6 years ago
• jas502n / Jboss_JMXInvokerServlet_Deserialization_RCE

  View on GitHub
  Jboss_JMXInvokerServlet_Deserialization_RCE
  ☆21Sep 3, 2019Updated 6 years ago
• skelsec / PyKerberoast

  View on GitHub
  Implementing Kerberoast attack fully in python
  ☆72Sep 29, 2018Updated 7 years ago
• LinkedInAttic / sometime

  View on GitHub
  A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
  ☆60Apr 18, 2017Updated 8 years ago
• pentestgeek / burpcommander

  View on GitHub
  Ruby command-line interface to Burp Suite's REST API
  ☆58Apr 1, 2020Updated 5 years ago
• SpiderLabs / burplay

  View on GitHub
  Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…
  ☆83Sep 19, 2017Updated 8 years ago
• milo2012 / pentest_scripts

  View on GitHub
  ☆196Sep 27, 2018Updated 7 years ago
• superkojiman / dirtshell

  View on GitHub
  Provide a sort of shell-ish interface to make file directory traversal quicker and easier.
  ☆24Jan 1, 2017Updated 9 years ago
• vmnguyen / semgrep-rules

  View on GitHub
  My custom semgrep rules
  ☆23Sep 13, 2020Updated 5 years ago
• YalcinYolalan / WSSAT

  View on GitHub
  WEB SERVICE SECURITY ASSESSMENT TOOL
  ☆390Sep 24, 2021Updated 4 years ago
• hvqzao / report-ng

  View on GitHub
  Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
  ☆67Feb 9, 2024Updated 2 years ago
• klsecservices / bat-armor

  View on GitHub
  Encode powershell payload into bat files
  ☆155Feb 1, 2018Updated 8 years ago
• leoloobeek / GoGreen

  View on GitHub
  Environmental (and http) keying for scripting languages
  ☆39Oct 5, 2018Updated 7 years ago
• vvalien / SharpMeter

  View on GitHub
  ☆139Jul 13, 2017Updated 8 years ago
• nvssks / Android-Responder

  View on GitHub
  Scripts for running Responder.py in an Android (rooted) device.
  ☆65Oct 25, 2016Updated 9 years ago
• ewilded / psychoPATH

  View on GitHub
  psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…
  ☆277Feb 12, 2021Updated 5 years ago
• matthewdfuller / intellifuzz-xss

  View on GitHub
  An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match
  ☆42Sep 24, 2012Updated 13 years ago
• exploitagency / github-ESPloit

  View on GitHub
  !!! Deprecated See ESPloitV2 !!! Original PoC(Released: Sep 11, 2016) - WiFi controlled keystroke injection Using ESP8266 and 32u4 based…
  ☆49Jul 12, 2017Updated 8 years ago
• codewatchorg / SideStep

  View on GitHub
  Yet another AV evasion tool
  ☆117Jan 3, 2022Updated 4 years ago
• vletoux / NTLMInjector

  View on GitHub
  In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)
  ☆169Jun 8, 2017Updated 8 years ago
• Plazmaz / MongoDB-HoneyProxy

  View on GitHub
  A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
  ☆93Feb 20, 2023Updated 2 years ago
• scottjpack / shellshock_scanner

  View on GitHub
  Python Scanner for "ShellShock" (CVE-2014-6271)
  ☆45Sep 29, 2014Updated 11 years ago
• niemand-sec / RazorSyntaxWebshell

  View on GitHub
  Webshell for Razor Syntax (C#)
  ☆19May 5, 2017Updated 8 years ago
• mazen160 / struts-pwn_CVE-2017-9805

  View on GitHub
  An exploit for Apache Struts CVE-2017-9805
  ☆249Nov 7, 2017Updated 8 years ago
• airman604 / cms2cmd

  View on GitHub
  ☆10Nov 24, 2018Updated 7 years ago