SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

An open-source & self-hostable Heroku / Netlify / Vercel alternative.

A collection of beautiful full-stack components for Laravel. The perfect starting point for your next app. Using Livewire, Alpine.js and Tailwind CSS.

A pure PHP library for reading and writing spreadsheet files

PHP Static Analysis Tool - discover bugs in your code without running it!

🔗 The de facto standard self hosted URL shortener in PHP

This is a webshell open source project

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

A curated list of resources for learning about application security

Moodle - the world's open source learning platform

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

SQLI labs to test error based, Blind boolean based, Time based.

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

VESTA Control Panel

Beautiful Open-Source Form Builder

A collection of PHP backdoors. For educational or testing purposes only.

FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspber…

The Symfony documentation

A web installer for Laravel

EspoCRM – Open Source CRM Application

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

Backend controllers and scaffolding for Laravel authentication.

Free and Self-Hosted Server Management Tool

WordPress static site generator for security, performance and cost benefits

SimpleSAMLphp is an application written in native PHP that deals with authentication.

Build content-administration-panels in Laravel

Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up t…

a project aim to collect CTF web practices .

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

🚀 A lightweight HTTP library inspired by JavaScript's fetch, bringing simplicity and flexibility to PHP HTTP requests.