Alternatives and similar repositories for brutas

Users that are interested in brutas are comparing it to the libraries listed below

• j3ssie / durl

  View on GitHub
  Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names
  ☆40May 5, 2024Updated last year
• Tw1sm / RITM

  View on GitHub
  Roast in the Middle
  ☆296Sep 19, 2025Updated 4 months ago
• haticeerturk / scoper

  View on GitHub
  This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.
  ☆97Jan 2, 2025Updated last year
• blacklanternsecurity / MANSPIDER

  View on GitHub
  Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
  ☆1,288Feb 5, 2026Updated last week
• Dec0ne / ShadowSpray

  View on GitHub
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆482Oct 14, 2022Updated 3 years ago
• wdahlenburg / VhostFinder

  View on GitHub
  Identify virtual hosts by similarity comparison
  ☆134Aug 12, 2024Updated last year
• gwen001 / bxss

  View on GitHub
  Alternative to XSS Hunter for blind XSS.
  ☆51Dec 8, 2022Updated 3 years ago
• kankburhan / gampung

  View on GitHub
  Gampung tools for find nuclei template from github
  ☆12Sep 6, 2023Updated 2 years ago
• knavesec / CredMaster

  View on GitHub
  Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
  ☆1,254Mar 19, 2025Updated 10 months ago
• iustin24 / chameleon

  View on GitHub
  ☆383May 17, 2023Updated 2 years ago
• six2dez / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆3,014Aug 28, 2025Updated 5 months ago
• skahwah / SQLRecon

  View on GitHub
  A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
  ☆777Oct 16, 2025Updated 3 months ago
• RedTeamPentesting / pretender

  View on GitHub
  Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
  ☆1,256Dec 9, 2025Updated 2 months ago
• laluka / bypass-url-parser

  View on GitHub
  bypass-url-parser
  ☆1,111Updated this week
• adanalvarez / SimpleAutoBurp

  View on GitHub
  Python script to launch burp scans automatically
  ☆33Jul 18, 2021Updated 4 years ago
• D4Vinci / CWFF

  View on GitHub
  Create your Custom Wordlist For Fuzzing
  ☆202Oct 14, 2024Updated last year
• puzzlepeaches / msprobe

  View on GitHub
  Finding all things on-prem Microsoft for password spraying and enumeration.
  ☆258May 17, 2022Updated 3 years ago
• trickest / wordlists

  View on GitHub
  Real-world infosec wordlists, updated regularly
  ☆1,632Updated this week
• mitchmoser / LACheck

  View on GitHub
  ☆93Aug 23, 2021Updated 4 years ago
• KINGSABRI / ServerlessRedirector

  View on GitHub
  Serverless Redirector in various cloud vendor for red team
  ☆73Dec 8, 2022Updated 3 years ago
• zimnyaa / inmembof.py

  View on GitHub
  A small example of loading BOFs in Python with pure reflection
  ☆19Jan 26, 2023Updated 3 years ago
• nil0x42 / duplicut

  View on GitHub
  Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
  ☆966Nov 4, 2025Updated 3 months ago
• Orange-Cyberdefense / graphcat

  View on GitHub
  Generate graphs and charts based on password cracking result
  ☆163Feb 17, 2023Updated 2 years ago
• zzeitlin / udedup

  View on GitHub
  A modular URL deduplication tool.
  ☆19Feb 19, 2025Updated 11 months ago
• p0dalirius / webapp-wordlists

  View on GitHub
  This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contai…
  ☆533Dec 4, 2024Updated last year
• j3ssie / goverview

  View on GitHub
  goverview - Get an overview of the list of URLs
  ☆143Dec 5, 2025Updated 2 months ago
• t3l3machus / eviltree

  View on GitHub
  A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highli…
  ☆409Jan 19, 2025Updated last year
• xRET2pwn / Teamsniper

  View on GitHub
  Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).
  ☆199Sep 19, 2022Updated 3 years ago
• wfinn / redirex

  View on GitHub
  tool that generates bypasses for open redirects
  ☆52Apr 18, 2022Updated 3 years ago
• grimlockx / ADCSKiller

  View on GitHub
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆738May 19, 2023Updated 2 years ago
• glitchedgitz / cook

  View on GitHub
  A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.
  ☆1,320Dec 22, 2025Updated last month
• zimawhit3 / Bitmancer

  View on GitHub
  Nim Library for Offensive Security Development
  ☆198Sep 4, 2023Updated 2 years ago
• glyptho / templatesallnuclei

  View on GitHub
  This includes all the templates of nuclei collected from different sources
  ☆18Dec 30, 2022Updated 3 years ago
• mgeeky / PEInfo

  View on GitHub
  Another Portable Executable files analysing stuff
  ☆21May 28, 2011Updated 14 years ago
• zblurx / dploot

  View on GitHub
  DPAPI looting remotely and locally in Python
  ☆540Oct 7, 2025Updated 4 months ago
• hahwul / s3reverse

  View on GitHub
  The format of various s3 buckets is convert in one format. for bugbounty and security testing.
  ☆86May 6, 2023Updated 2 years ago
• dunderhay / git-rotate

  View on GitHub
  Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking
  ☆150May 23, 2024Updated last year
• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆119Jan 5, 2024Updated 2 years ago
• synacktiv / SCCMSecrets

  View on GitHub
  SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
  ☆260Nov 22, 2025Updated 2 months ago