An opinionated list of awesome Python frameworks, libraries, software and resources.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Automatic SQL injection and database takeover tool

We have made you a wrapper you can't refuse

Python ProxyPool for web spider

Never use print for debugging again

Impacket is a collection of Python classes for working with network protocols.

Most advanced XSS scanner.

Web path scanner

Exploitation Framework for Embedded Devices

CTF framework and exploit development library

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Credentials recovery project

An open-source post-exploitation framework for students, researchers and developers.

OneForAll是一款功能强大的子域收集工具

A swiss army knife for pentesting networks

Python Telegram bot api.

You Know, For WEB Fuzzing ! 日站用的字典。

An advanced memory forensics framework

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Linux 内核揭秘

Typed interactions with the GitHub API v3

🔥 Web-application firewalls (WAFs) from security standpoint.

PEDA - Python Exploit Development Assistance for GDB

Automated Adversary Emulation Platform

An Efficient ProxyPool with Getter, Tester and Server

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Using the jedi autocompletion library for VIM.