Compilation of scripts/tools (made by me or not) that help me with Pentest and Bug Bounty.
☆25Dec 22, 2025Updated 4 months ago
Alternatives and similar repositories for pentest-scripts
Users that are interested in pentest-scripts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tools used for Pentesting☆22Apr 21, 2023Updated 3 years ago
- ☆13Apr 21, 2021Updated 5 years ago
- Injector a.k.a tr4c1l0rds is a tool to run simultaneous sql injections attacks anonymously using containers.☆19Jul 21, 2023Updated 2 years ago
- Auto Web Vulnerability Scanning Framework☆10Feb 3, 2016Updated 10 years ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- We all know about the famous spyse.com this python3 scripts scrounges subdomains without the api from spyse cybersecurity search engine☆11May 13, 2020Updated 6 years ago
- Command List for Hashcat and default keyspaces.☆17Feb 13, 2020Updated 6 years ago
- Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios☆13Jan 17, 2018Updated 8 years ago
- Use Python to manipulate Charles session files and send HTTP requests.☆13Dec 8, 2022Updated 3 years ago
- xsschecker tests endpoints for reflected XSS by injecting payloads and checking responses. It prints vulnerable if the payload is reflect…☆37Nov 3, 2025Updated 6 months ago
- Automatically exported from code.google.com/p/lfimap☆16Mar 5, 2016Updated 10 years ago
- A powerful pentesting tool for proactive detection and exploitation of dependency confusion vulnerabilities in Node.js projects. Enhance …☆14Jul 25, 2023Updated 2 years ago
- A fast and efficient subdomain hijacking scanner that checks for takeover vulnerabilities by matching HTTP response bodies against predef…☆30Apr 12, 2026Updated last month
- gorobots - robots.txt recon & path discovery in Go. Structured parsing, 29-category sensitivity classification, concurrent path probing, …☆16Apr 10, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Creating them Golden Tickets☆14Aug 16, 2025Updated 9 months ago
- ☆11Jan 23, 2025Updated last year
- ATT&CK Models of the Threat Actor "Phineas Fisher"☆20Apr 30, 2020Updated 6 years ago
- strong-frida patches☆25Jan 17, 2023Updated 3 years ago
- Shellcode Loader | xss.is☆13Jul 26, 2024Updated last year
- ☆18Apr 9, 2024Updated 2 years ago
- Collection of antivirus bypass techniques☆13Nov 20, 2023Updated 2 years ago
- ☆38Oct 3, 2023Updated 2 years ago
- Ransomware Simulator for Red/Blue teams to test their defences.☆20Apr 4, 2022Updated 4 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Your bloodhound for hidden info in those JS files.☆17May 13, 2024Updated 2 years ago
- ☆11Dec 22, 2023Updated 2 years ago
- Repository with quick triggers to help during Pentest in an Active Directory environment.☆50Jul 28, 2025Updated 9 months ago
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- Ansible build for Afl++ Frida-Mode☆25May 11, 2026Updated last week
- create customized .onion addresses for your hidden service,make shallot and eschalot tools☆13Jan 18, 2022Updated 4 years ago
- go-utils☆12Nov 22, 2025Updated 6 months ago
- 在线安软识别☆12Aug 6, 2025Updated 9 months ago
- Nexus of Android banking Trojans☆14Oct 11, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated 2 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Dec 14, 2021Updated 4 years ago
- Used to get NTLMv2 Hashes from SMB☆24Oct 24, 2024Updated last year
- CLI-based 802.11 Rogue (Fake) AP & Hidden AP Spotter☆14Dec 26, 2025Updated 4 months ago
- Offensive Web is a documentation website about web security research, bypass and new exploitation techniques.☆34Feb 14, 2026Updated 3 months ago
- Stupid Simple Detection Testing☆13Mar 7, 2024Updated 2 years ago
- Rich woman scanner --富婆扫描器☆37Jul 18, 2022Updated 3 years ago