righettod/toolbox-pentest-web external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

righettod/toolbox-pentest-web

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/righettod/toolbox-pentest-web)

Close

righettod / toolbox-pentest-webView on GitHubMore

• External links
• Readme badge

Docker toolbox for pentest of web based application.

☆184Jun 14, 2026Updated this week

Alternatives and similar repositories for toolbox-pentest-web

Users that are interested in toolbox-pentest-web are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• righettod / website-passive-reconnaissance

  View on GitHub
  Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.
  ☆39Jun 12, 2026Updated last week
• righettod / burp-piper-custom-scripts

  View on GitHub
  Custom scripts for the PIPER Burp extensions.
  ☆98Sep 24, 2023Updated 2 years ago
• Leoid / NonPublishedExploits

  View on GitHub
  A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs
  ☆10Nov 29, 2020Updated 5 years ago
• xerohackcom / webrecon

  View on GitHub
  Automated Web Recon Shell Scripts
  ☆54Dec 6, 2021Updated 4 years ago
• lc / brute53

  View on GitHub
  A tool to bruteforce nameservers when working with subdomain delegations to AWS.
  ☆58Aug 22, 2019Updated 6 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• bugbountyhunters / Iris-JS

  View on GitHub
  #JavascriptRecon #bugbounty
  ☆21Aug 18, 2021Updated 4 years ago
• 1ultimat3 / tld-scan

  View on GitHub
  Top level domain scanner in Go
  ☆30Sep 24, 2023Updated 2 years ago
• Abdulrahman-Kamel / dpfilter

  View on GitHub
  BugBounty , sort and delete duplicates param value without missing original value
  ☆22Jul 31, 2021Updated 4 years ago
• vp777 / metahttp

  View on GitHub
  A bash script that automates the scanning of a target network for HTTP resources through XXE
  ☆38Dec 2, 2020Updated 5 years ago
• 254Labs / awesome-bambdas

  View on GitHub
  A collection of Burp Suite Lambda Filters ~ Bambdas
  ☆31Oct 1, 2024Updated last year
• lanmaster53 / pyscripter-er

  View on GitHub
  A framework built on top of Burp's Python Scripter extension.
  ☆93Dec 28, 2023Updated 2 years ago
• Leoid / AWSBurpCollaborator

  View on GitHub
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆57Feb 20, 2020Updated 6 years ago
• kleiton0x00 / HTTP-Smuggling-Calculator

  View on GitHub
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆73Mar 12, 2022Updated 4 years ago
• akabe1 / OAUTHScan

  View on GitHub
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆178Oct 26, 2024Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• karthi-the-hacker / pr0xyP4rs3

  View on GitHub
  Load your data into burp
  ☆11Apr 26, 2023Updated 3 years ago
• DK9510 / automate-with-actions

  View on GitHub
  ☆18Apr 7, 2022Updated 4 years ago
• abdallaabdalrhman / Wordlist-for-Bug-Bounty

  View on GitHub
  I collected it to help the bug hunter get a reward
  ☆58Sep 7, 2022Updated 3 years ago
• AdmiralGaust / bountyReconV2

  View on GitHub
  Framework to automate Bug Bounty Reconnaissance
  ☆43Jan 4, 2021Updated 5 years ago
• ethicalhackingplayground / endzy

  View on GitHub
  Endpoint monitor tool
  ☆21Sep 16, 2020Updated 5 years ago
• dreadnode / burpference

  View on GitHub
  A research project to add some brrrrrr to Burp
  ☆211Feb 16, 2026Updated 4 months ago
• e11i0t4lders0n / my_aws_blogs

  View on GitHub
  ☆12Dec 26, 2021Updated 4 years ago
• victoni / Bug-Bounty-Scripts

  View on GitHub
  The scripts I write to help me on my bug bounty hunting
  ☆126Jan 8, 2022Updated 4 years ago
• mzfr / takeover

  View on GitHub
  A tool for testing subdomain takeover possibilities at a mass scale.
  ☆50May 23, 2021Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• NagliNagli / Shockwave-OSS

  View on GitHub
  ☆753Jun 26, 2024Updated last year
• michael1026 / trashcompactor

  View on GitHub
  ☆65Nov 29, 2022Updated 3 years ago
• righettod / injection-cheat-sheets

  View on GitHub
  Provide some tips to handle Injection into application code (OWASP TOP 10 - A1).
  ☆10Nov 11, 2020Updated 5 years ago
• Static-Flow / BurpGraphQLViewer

  View on GitHub
  This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …
  ☆16Feb 24, 2022Updated 4 years ago
• kelbyludwig / saml-attack-surface

  View on GitHub
  ☆30Jan 15, 2017Updated 9 years ago
• z3dc0ps / 0x0p1n3r

  View on GitHub
  0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover
  ☆57Dec 15, 2020Updated 5 years ago
• iustin24 / chameleon

  View on GitHub
  ☆383May 17, 2023Updated 3 years ago
• th3hack3rwiz / Fu-JS

  View on GitHub
  This tool aims at accumulating javascript files from a given set of subdomains to discover hidden endpoints. It swims through JS files to…
  ☆73Dec 28, 2022Updated 3 years ago
• GangGreenTemperTatum / stickyburp

  View on GitHub
  A Productivity-Boosting Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing…
  ☆14Oct 8, 2025Updated 8 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• justmorpheus / burp-automation

  View on GitHub
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆55Sep 30, 2022Updated 3 years ago
• BlackFan / CVE_PoCs

  View on GitHub
  CVE PoCs
  ☆21Jul 16, 2020Updated 5 years ago
• Dheerajmadhukar / karma_v1

  View on GitHub
  KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…
  ☆58Sep 6, 2021Updated 4 years ago
• BitTheByte / WayRobots

  View on GitHub
  Tool to find stored robots.txt files from the past
  ☆20Jun 4, 2023Updated 3 years ago
• cxai / Checkmarx-PowerTools

  View on GitHub
  A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use
  ☆14Aug 30, 2018Updated 7 years ago
• mzfr / notes

  View on GitHub
  A miscellany of thoughts.
  ☆49Mar 31, 2024Updated 2 years ago
• gnothiseautonlw / burp-shell-fwd-lfi

  View on GitHub
  A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration
  ☆79Sep 11, 2020Updated 5 years ago