OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

A little tool to play with Windows security

Trying to tame the three-headed dog.

game of active directory

PowerSploit - A PowerShell Post-Exploitation Framework

Open-Source Phishing Toolkit

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Dockerized version of Nexus Repo Manager 3

A tool for secrets management, encryption as a service, and privileged access management

SEO Tools for Laravel

Gospider - Fast web spider written in Go

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

Finds unknown classes of injection vulnerabilities

This Package helps developers to easily work with Jalali (Shamsi or Iranian) dates in php appliations, based on Jalali (Shamsi) DateTime class.

Simple to use root checking Android library and sample app

Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)

[WIP] Crappy iOS app analyzer

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

Android Shared preference wrapper than encrypts the values of Shared Preferences. It's not bullet proof security but rather a quick win for incrementally making your android app more secure.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Find, verify, and analyze leaked credentials

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Android security guides, roadmap, docs, courses, write-ups, and teryaagh.

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.