Project for learning V8 internals

Most advanced XSS scanner.

Find leaked secrets via github search

The Cloud Native Application Proxy

Fully-replicated DNS and DHCP Server with ad-blocking powered by etcd

Magic hashes – PHP hash "collisions"

🍪 Flask Session Cookie Decoder/Encoder

Damn Vulnerable Web Application (DVWA)

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

Bypass AMSI by patching AmsiScanBuffer

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

🌸 A command-line fuzzy finder