A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Python Remote Administration Tool (RAT)

🐈Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

Python antivirus evasion tool

Burp Suite Certified Practitioner Exam Study

Infosec Wordlists and more.

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on insta…

Cloak can backdoor any python script with some tricks.

Multiplatform payload dropper

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

A framework for Backdoor development!

RomBuster is a router exploitation tool that allows to disclosure network router admin password.

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Modular penetration testing platform that enables you to write, test, and execute exploit code.

Generates malicious LNK file payloads for data exfiltration

This script allows you to inject an invisible keylogger thanks to a Bad USB.

The purpose of this tool is to test the window10 defender protection and also other antivirus protection.

Translator from USB-Rubber-Ducky payloads to a Digispark code.

Simple script for the WHID injector - a rubberducky wifi