Alternatives and similar repositories for webshell

Users that are interested in webshell are comparing it to the libraries listed below

• lijiejie / GitHack
  A `.git` folder disclosure exploit
  ☆3,389Updated 2 years ago
• xl7dev / WebShell
  Webshell && Backdoor Collection
  ☆1,911Updated 5 years ago
• SecWiki / windows-kernel-exploits
  windows-kernel-exploits Windows平台提权漏洞集合
  ☆8,413Updated 4 years ago
• Audi-1 / sqli-labs
  SQLI labs to test error based, Blind boolean based, Time based.
  ☆5,549Updated last year
• lijiejie / subDomainsBrute
  A fast sub domain brute tool for pentesters
  ☆3,564Updated 2 years ago
• Medicean / VulApps
  快速搭建各种漏洞环境(Various vulnerability environment)
  ☆3,762Updated 4 years ago
• SecWiki / linux-kernel-exploits
  linux-kernel-exploits Linux平台提权漏洞集合
  ☆5,471Updated 5 years ago
• JohnTroony / php-webshells
  Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
  ☆1,910Updated 4 years ago
• sensepost / reGeorg
  The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  ☆3,103Updated 5 months ago
• epinna / weevely3
  Weaponized web shell
  ☆3,352Updated 9 months ago
• AntSwordProject / antSword
  中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.
  ☆4,188Updated 6 months ago
• Chora10 / Cknife
  Cknife
  ☆2,435Updated last year
• maurosoria / dirsearch
  Web path scanner
  ☆13,205Updated last month
• knownsec / pocsuite3
  pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
  ☆3,757Updated 5 months ago
• tennc / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆1,390Updated 4 years ago
• EnableSecurity / wafw00f
  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
  ☆5,805Updated 7 months ago
• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆8,430Updated last year
• shmilylty / OneForAll
  OneForAll是一款功能强大的子域收集工具
  ☆9,190Updated 9 months ago
• b374k / b374k
  PHP Webshell with handy features
  ☆2,502Updated 2 years ago
• c0ny1 / upload-labs
  一个想帮你总结所有类型的上传漏洞的靶场
  ☆4,009Updated 2 years ago
• kost / dvcs-ripper
  Rip web accessible (distributed) version control systems: SVN/GIT/HG...
  ☆1,751Updated last year
• knownsec / Pocsuite
  This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
  ☆1,827Updated 3 years ago
• H4ckForJob / dirmap
  An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工…
  ☆3,305Updated 9 months ago
• TheKingOfDuck / fuzzDicts
  You Know, For WEB Fuzzing ! 日站用的字典。
  ☆8,035Updated last year
• epinna / tplmap
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆4,005Updated last year
• zer0yu / Awesome-CobaltStrike
  List of Awesome CobaltStrike Resources
  ☆4,230Updated last year
• tarunkant / Gopherus
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆3,152Updated 2 years ago
• qazbnm456 / awesome-cve-poc
  ✍️ A curated list of CVE PoCs.
  ☆3,424Updated 3 years ago
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,636Updated last year
• xmendez / wfuzz
  Web application fuzzer
  ☆6,245Updated 11 months ago