An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。

A Game of Hackers (CTF Scoreboard & Game Manager)

SQLCipher is a standalone fork of SQLite that adds 256 bit AES encryption of database files and other security features.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

NO LONGER MAINTAINED - Android security & privacy analysis for the masses

Automatic SQL injection and database takeover tool

Türkiye'ye Yönelik Zararlı Bağlantı Erişim Engelleme Listesi

FireVu is an Intentionally vulnerable Android application developed for Android open source security.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Dexofuzzy : Dalvik EXecutable Opcode Fuzzyhash

Python wrapper for ssdeep fuzzy hashing library

Python API wrapper for the Joe Sandbox API.

list of regex patterns for oauth / api tokens with provided source

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The best discord token logger!

Official publication of the full w4sp stealer source code, with api and bot

Python script to decrypt files encrypted using Cordova in Android app

A collection of regexes for every possbile use

A bunch of tools in one small container image. It's useful while scanning project in CI/CD or manually pentesting.

Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps C…

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

An OSINT tool that helps detect members of a company with leaked credentials

An advanced [Finder | Checker | Server] tool for proxy servers, supporting both HTTP(S) and SOCKS protocols. 🎭

For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)

A quick and dirty HTTP/S "organic" traffic generator.

TELEFOX, Telegram üzerinden istihbarat çalışmalarında siber güvenlik ekiplerine yardımcı olmak amacıyla geliştirilen bir projedir. TELEFOX, son 24 saat içinde Telegram kanallarında paylaşılan mesaj…

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …