Alternatives and similar repositories for web-hacking-playground

Users that are interested in web-hacking-playground are comparing it to the libraries listed below

• thecyberneh / scriptkiddi3

  View on GitHub
  Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using…
  ☆151Dec 26, 2023Updated 2 years ago
• Rnalter / ThunderCloud

  View on GitHub
  Cloud Exploit Framework
  ☆112May 11, 2022Updated 3 years ago
• kankburhan / gampung

  View on GitHub
  Gampung tools for find nuclei template from github
  ☆12Sep 6, 2023Updated 2 years ago
• leesoh / np

  View on GitHub
  A tool to parse, deduplicate, and query multiple port scans.
  ☆58Aug 11, 2023Updated 2 years ago
• random-robbie / wayback-saver

  View on GitHub
  Saves pages to Wayback machine
  ☆13Dec 2, 2024Updated last year
• h3xstream / waf-workshop

  View on GitHub
  ☆16Oct 30, 2022Updated 3 years ago
• kha1ifuzz / AD-Config-Automation

  View on GitHub
  Scripts and piece of codes used for Active Directory configuration
  ☆83Feb 14, 2023Updated 3 years ago
• d4rkiZ / ProcOpen-PHP-Webshell

  View on GitHub
  Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.
  ☆24Jul 14, 2024Updated last year
• dn0m1n8tor / AndroidPentest101

  View on GitHub
  The motive to build this repo is to help beginner to start learn Android Pentesting by providing a roadmap.
  ☆434Jul 11, 2022Updated 3 years ago
• sepehrdaddev / zap-scripts

  View on GitHub
  Zed Attack Proxy Scripts for finding CVEs and Secrets.
  ☆128Jun 2, 2022Updated 3 years ago
• PlaytikaOSS / Leaktopus

  View on GitHub
  ☆30Jul 28, 2024Updated last year
• Devang-Solanki / recon.cloud

  View on GitHub
  recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…
  ☆25Feb 11, 2023Updated 3 years ago
• The-XSS-Rat / uncles-labs

  View on GitHub
  hackxpert labs
  ☆18Jun 29, 2022Updated 3 years ago
• zzzteph / probable_subdomains

  View on GitHub
  Subdomains analysis and generation tool. Reveal the hidden!
  ☆244Jun 8, 2025Updated 8 months ago
• JeanPeyreMesMots / osx-password-dumper

  View on GitHub
  A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash
  ☆51Oct 12, 2024Updated last year
• JoelGMSec / Thunderstorm

  View on GitHub
  Modular framework to exploit UPS devices
  ☆64Mar 1, 2023Updated 2 years ago
• sAjibuu / Upload_Bypass

  View on GitHub
  A simple tool for bypassing file upload restrictions.
  ☆892Jul 22, 2024Updated last year
• buggysolid / bugbounty-wordlist

  View on GitHub
  Real world bug bounty wordlists
  ☆117Jul 20, 2023Updated 2 years ago
• Th0h0 / autossrf

  View on GitHub
  Smart context-based SSRF vulnerability scanner.
  ☆361May 5, 2022Updated 3 years ago
• HadessCS / Artemis

  View on GitHub
  APK Infrastructure Investigator
  ☆64Jun 20, 2023Updated 2 years ago
• MantisSTS / GoCloud

  View on GitHub
  Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare
  ☆59Jan 10, 2023Updated 3 years ago
• ST1LLY / dc-sonar

  View on GitHub
  Analyzing AD domains for security risks related to user accounts
  ☆64Nov 11, 2022Updated 3 years ago
• ascr0b / PCWT

  View on GitHub
  ☆46Mar 20, 2021Updated 4 years ago
• kleiton0x00 / RedditC2

  View on GitHub
  Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic lo…
  ☆270Jan 18, 2023Updated 3 years ago
• redhuntlabs / HTTPLoot

  View on GitHub
  An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code …
  ☆407Jan 22, 2025Updated last year
• aristosMiliaressis / pwnctl

  View on GitHub
  a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws inf…
  ☆12Aug 26, 2024Updated last year
• scheatkode / presshell

  View on GitHub
  🚪 Quick & dirty Wordpress Command Execution Shell
  ☆66Jan 24, 2022Updated 4 years ago
• gwen001 / gitlab-subdomains

  View on GitHub
  Find subdomains on GitLab.
  ☆104Apr 28, 2024Updated last year
• 3a7 / SQLi-Hunter-v2

  View on GitHub
  The second version of SQL Hunter. SQLi Hunter is a URL (Blind) SQL injection checker for multiple pages.
  ☆93Mar 4, 2023Updated 2 years ago
• kavishkagihan / Cannon

  View on GitHub
  Cannon is a post-exploitation framework fully developed using python3. You will be able to download and upload files, run pre-defined mod…
  ☆19Jul 21, 2021Updated 4 years ago
• hcbaker / Klyda

  View on GitHub
  Highly configurable script for dictionary/spray attacks against online web applications.
  ☆53Nov 8, 2022Updated 3 years ago
• t3l3machus / toxssin

  View on GitHub
  An XSS exploitation command-line interface and payload generator.
  ☆1,415Jan 19, 2025Updated last year
• Fundacio-i2CAT / InfoHound

  View on GitHub
  InfoHound is an OSINT to extract a large amount of data given a web domain name.
  ☆162Oct 8, 2025Updated 4 months ago
• botesjuan / Burp-Suite-Certified-Practitioner-Exam-Study

  View on GitHub
  Burp Suite Certified Practitioner Exam Study
  ☆1,310Feb 5, 2026Updated last week
• dsecuredcom / vhost-fuzzer

  View on GitHub
  Tool to fuzz for interesting vhost.
  ☆23Jan 8, 2025Updated last year
• tasooshi / brutas

  View on GitHub
  Wordlists handcrafted (and automated) with ♥
  ☆228Aug 1, 2025Updated 6 months ago
• CyberCX-STA / PurpleOps

  View on GitHub
  An open-source self-hosted purple team management web application.
  ☆302Jan 28, 2026Updated 2 weeks ago
• j3ssie / json-cleaner

  View on GitHub
  The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.
  ☆16Apr 5, 2024Updated last year
• hahwul / RegexPassive

  View on GitHub
  🔭 Collection of regexp pattern for security passive scanning
  ☆116Feb 18, 2023Updated 2 years ago