A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Interact with your documents using the power of GPT, 100% privately, no data leaks

Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Veil 3.1.X (Check version info in Veil at runtime)

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…

Arsenal is just a quick inventory and launcher for hacking programs

SMS/Email/Whatsapp/Twitter/Instagram bombers Collection 💣💣💣 💥 Also added collection of some Fake SMS utilities which helps in skip phone number based SMS verification by using a temporary phone num…

Modern Honey Network

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat…

Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

Katana - Automatic CTF Challenge Solver in Python3

Crypter - Python3 based builder and ransomware compiled to Windows executable using PyInstaller

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Crashes iOS 17 Devices using a really any device

Automatically ⬆️ upload TikTok videos

Easy files and payloads delivery over DNS

A framework for automated extraction of static and dynamic features from Android applications

ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)

The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.

Telegram Account Hacking or Cloning Latest Tool

🤖 Generate Minecraft/NordVPN/Hulu/Origin And ... 💀

AI coder that thinks before doing. Clean Coder is your 2-in-1 AI Software Project Manager and Developer. AI agents capable of creating entire software projects from scratch or further developing ex…

Database of polyglot files. By polyglot, we mean files readable in multiple formats

TheThing: an open-source tool to detect DOM Clobbering vulnerabilities