Alternatives and similar repositories for sqlmap

Users that are interested in sqlmap are comparing it to the libraries listed below

• maurosoria / dirsearch
  Web path scanner
  ☆13,400Updated 3 months ago
• xmendez / wfuzz
  Web application fuzzer
  ☆6,280Updated last year
• aboul3la / Sublist3r
  Fast subdomains enumeration tool for penetration testers
  ☆10,574Updated last year
• urbanadventurer / WhatWeb
  Next generation web scanner
  ☆6,061Updated 3 weeks ago
• andresriancho / w3af
  w3af: web application attack and audit framework, the open source web vulnerability scanner.
  ☆4,782Updated 2 years ago
• s0md3v / XSStrike
  Most advanced XSS scanner.
  ☆14,306Updated 4 months ago
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,676Updated last year
• zaproxy / zaproxy
  The ZAP by Checkmarx Core project
  ☆14,098Updated this week
• sullo / nikto
  Nikto web server scanner
  ☆9,615Updated last week
• ffuf / ffuf
  Fast web fuzzer written in Go
  ☆14,736Updated 4 months ago
• offensive-security / exploitdb
  The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb
  ☆7,817Updated 2 years ago
• beefproject / beef
  The Browser Exploitation Framework Project
  ☆10,435Updated this week
• tennc / webshell
  This is a webshell open source project
  ☆10,510Updated 8 months ago
• Audi-1 / sqli-labs
  SQLI labs to test error based, Blind boolean based, Time based.
  ☆5,574Updated last year
• vanhauser-thc / thc-hydra
  hydra
  ☆10,847Updated 2 weeks ago
• rapid7 / metasploit-framework
  Metasploit Framework
  ☆36,376Updated this week
• Arachni / arachni
  Web Application Security Scanner Framework
  ☆3,944Updated 3 months ago
• gentilkiwi / mimikatz
  A little tool to play with Windows security
  ☆20,764Updated 4 months ago
• codingo / NoSQLMap
  Automated NoSQL database enumeration and web application exploitation tool.
  ☆3,147Updated 3 weeks ago
• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆8,503Updated last year
• guelfoweb / knock
  Knock Subdomain Scan
  ☆4,056Updated 3 months ago
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆5,444Updated this week
• EnableSecurity / wafw00f
  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
  ☆5,866Updated this week
• TheRook / subbrute
  A DNS meta-query spider that enumerates DNS records, and subdomains.
  ☆3,461Updated 3 years ago
• wpscanteam / wpscan
  WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websit…
  ☆9,187Updated last week
• owasp-amass / amass
  In-depth attack surface mapping and asset discovery
  ☆13,537Updated last week
• projectdiscovery / httpx
  httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
  ☆8,995Updated this week
• lanjelot / patator
  Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
  ☆3,772Updated 3 months ago
• projectdiscovery / subfinder
  Fast passive subdomain enumeration tool.
  ☆12,262Updated this week
• threat9 / routersploit
  Exploitation Framework for Embedded Devices
  ☆12,743Updated 3 months ago