A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Developer-first error tracking and performance monitoring

🥧 HTTPie CLI — modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more.

Faker is a Python package that generates fake data for you.

A Study Path for Game Programmer

Impacket is a collection of Python classes for working with network protocols.

Web path scanner

Exploitation Framework for Embedded Devices

Scapy: the Python-based interactive packet manipulation program & library.

Python based web automation tool. Powerful and elegant.

an awesome list of honeypot resources

类似按键精灵的鼠标键盘录制和自动化操作 模拟点击和键入 | automate mouse clicks and keyboard input

You Know, For WEB Fuzzing ! 日站用的字典。

🤖 史上最强云手机远程桌面逆向抓包HOOK自动化取证能力集一体的安卓 RPA 框架，下一代移动数据自动化机器人。

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

HTTP parameter discovery suite.

A Python module to bypass Cloudflare's anti-bot page.

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Requests + Gevent = <3

Windows Exploit Suggester - Next Generation

A python script that finds endpoints in JavaScript files

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

Arsenal is just a quick inventory and launcher for hacking programs

Source Code Security Audit (源代码安全审计)

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Modern Honey Network

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Extract files from any kind of container formats