Wordlists handcrafted (and automated) with ♥
☆230Aug 1, 2025Updated 7 months ago
Alternatives and similar repositories for brutas
Users that are interested in brutas are comparing it to the libraries listed below
Sorting:
- Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names☆39May 5, 2024Updated last year
- Roast in the Middle☆294Sep 19, 2025Updated 5 months ago
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.☆97Jan 2, 2025Updated last year
- Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!☆1,303Updated this week
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Identify virtual hosts by similarity comparison☆137Aug 12, 2024Updated last year
- Alternative to XSS Hunter for blind XSS.☆50Dec 8, 2022Updated 3 years ago
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,259Mar 19, 2025Updated 11 months ago
- ☆383May 17, 2023Updated 2 years ago
- Rockyou for web fuzzing☆3,033Feb 11, 2026Updated 3 weeks ago
- Gampung tools for find nuclei template from github☆12Sep 6, 2023Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆783Oct 16, 2025Updated 4 months ago
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.☆1,266Dec 9, 2025Updated 3 months ago
- bypass-url-parser☆1,115Updated this week
- Python script to launch burp scans automatically☆32Jul 18, 2021Updated 4 years ago
- Create your Custom Wordlist For Fuzzing☆201Oct 14, 2024Updated last year
- Finding all things on-prem Microsoft for password spraying and enumeration.☆257May 17, 2022Updated 3 years ago
- ☆92Aug 23, 2021Updated 4 years ago
- Real-world infosec wordlists, updated regularly☆1,642Mar 2, 2026Updated last week
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Generate graphs and charts based on password cracking result☆163Feb 17, 2023Updated 3 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)☆965Nov 4, 2025Updated 4 months ago
- A modular URL deduplication tool.☆19Feb 19, 2025Updated last year
- This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contai…☆534Dec 4, 2024Updated last year
- goverview - Get an overview of the list of URLs☆142Dec 5, 2025Updated 3 months ago
- Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).☆197Sep 19, 2022Updated 3 years ago
- A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highli…☆408Jan 19, 2025Updated last year
- tool that generates bypasses for open redirects☆51Apr 18, 2022Updated 3 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆740May 19, 2023Updated 2 years ago
- Nim Library for Offensive Security Development☆197Sep 4, 2023Updated 2 years ago
- A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.☆1,327Updated this week
- Another Portable Executable files analysing stuff☆21May 28, 2011Updated 14 years ago
- This includes all the templates of nuclei collected from different sources☆18Dec 30, 2022Updated 3 years ago
- DPAPI looting remotely and locally in Python☆542Oct 7, 2025Updated 5 months ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆87May 6, 2023Updated 2 years ago
- Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking☆148May 23, 2024Updated last year
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitati…☆445Jan 25, 2024Updated 2 years ago