A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Python
Updated Oct 20, 2018
Automated Pentest Recon Scanner
windows-kernel-exploits Windows平台提权漏洞集合
C
Updated Jul 15, 2018
linux-kernel-exploits Linux平台提权漏洞集合
C
Updated Apr 17, 2018
A curated list of awesome infosec courses and training resources.
Web path scanner
Python
Updated Oct 13, 2018
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, pleas…
Python
Updated Jun 30, 2018
XSS'OR - Hack with JavaScript.
JavaScript
Updated Aug 22, 2018
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Python
Updated Aug 4, 2018
Collection of the cheat sheets useful for pentesting
Updated May 11, 2018
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more eff…
📱 objection - runtime mobile exploration
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Python
Updated Oct 20, 2018
Perl
Updated Jan 24, 2018
Find exploits in local and online databases instantly
Shell
Updated Sep 22, 2018
Pop shells like a master.
Python
Updated Aug 11, 2018
SSRF (Server Side Request Forgery) testing resources
Python
Updated Sep 14, 2018
pentest framework
Python
Updated Oct 21, 2018
Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies …
Python
Updated Jul 3, 2017
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings…
Python
Updated May 11, 2018
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Python
Updated Jul 25, 2018
Ultimate phishing tool. Socialize with the credentials.
HTML
Updated Sep 19, 2018
A powerful and useful hacker dictionary builder for a brute-force attack
Python
Updated Jun 2, 2018
🔎 Find origin servers of websites behind by CloudFlare using Internet-wide scan data from Censys.
jSQL Injection is a Java application for automatic SQL database injection.
Java
Updated May 13, 2018
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, dis…
Python
Updated Jan 29, 2018
Pentest environment deployer (kali linux + targets) using vagrant and chef.
Ruby
Updated Oct 9, 2018
Updated May 6, 2017
ODAT: Oracle Database Attacking Tool
Python
Updated Oct 9, 2018
A collection of various GitHub gists for hackers, pentesters and security researchers
Updated Nov 4, 2017