SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

WebRTC Web demos and samples

Solo 1 firmware in C

U2F USB token optimized for physical security, affordability, and style

R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.

🕸️ discovery tool for legally restricted or censored HTTP resources (code 451 / RFC7725)

A collection of various awesome lists for hackers, pentesters and security researchers

🏔 Love Freedom - ❌ Block Mass Surveillance

The easiest, and most secure way to access and protect all of your infrastructure.

Port Forwarding NetStat Grab wpa_supplicant Turn WiFi On/Off Show Mac/Inet Remove Password Extract apk from app Use Keycode Get Battery Status Get Current Activity

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡

Websploit is a high level MITM framework

Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).

Cheatsheets, References, and notes on various red teaming/pentesting topics.

Set up a personal VPN in the cloud

Reverse Caller Id using TrueCaller

Caller ID Web App

OpenPGP implementation for JavaScript

Affordable WiFi hacking platform for testing and learning

A ruby gem that validates whether an SSN has likely been issued or not.

Validate and mask a U.S. Social Security Number (SSN)

A tool for secrets management, encryption as a service, and privileged access management

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

🐶 A curated list of Web Security materials and resources.

A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.

Find, verify, and analyze leaked credentials

Private key usage verification

FACEBOOK HACKING TOOLKIT

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.