A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

OWASP API Security Project

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

BlackHat C++ : C++ For Pentesters, by EC-Council

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Python script to check HTTP security headers

Automatically exported from code.google.com/p/fuzzdb

Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.

Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits but also gather all the technology running behi…

Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSRF

🎯 Command Injection Payload List

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

🎯 SQL Injection Payload List

An example website that implements OAuth 2.0 and OpenID Connect in Python

A fast, simple, recursive content discovery tool written in Rust.

Analysis of Swedish password usage

A collection of custom security tools for quick needs.

Write any JavaScript with 6 Characters: []()!+

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Attack and defend active directory using modern post exploitation adversary tradecraft activity

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

The Browser Exploitation Framework Project

PowerSploit - A PowerShell Post-Exploitation Framework

pwning IPv4 via IPv6

Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course

For pentesters who don't wanna leave their terminals.

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.